InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
When was the last time you conducted a comprehensive technology audit? If it's been a while or hasn't happened at all, you're probably vulnerable to a cyberattack. Cybercrime shows no signs of slowing down and is expected to cost the world $10.5 trillion per year by 2025.* Are you confident that your organization is secure with the current remote and hybrid work environments? This is where a technology audit can give you peace of mind. An IT audit is a thorough analysis and assessment of an organization's IT infrastructure, policies and procedures.
Importance of Technology Audits
Here are some reasons why a technology audit is essential to organizational resilience and overall success:
- Detects security vulnerabilities
- Ensures that the organization is up to date on security measures
- Establishes the foundation for the organization's new security policies
- Prepares the organization to respond quickly and effectively in the event of a cyberattack
- Helps maintain compliance with various security regulations
Benefits of Technology Audits
Comprehensive technology audits have three key benefits:
No Surprises
A properly planned auditing process creates a map of your IT environment that helps you understand how everything connects and which areas expose you to threats. This allows you to focus your remediation efforts where they are needed the most.
Consider this: What if one of your top executives was secretly selling all your intellectual property ideas to your main competitor? That could sink your company or significantly reduce your profit potential. Unmapped and unaccounted-for technology landscapes can lead to similar outcomes.
To avoid this, regularly monitor, update, patch and clean up the proverbial dust in your infrastructure. You might soon discover that someone intentionally or unintentionally downloaded a piece of malicious code that's spreading like wildfire across your network, waiting for the perfect moment to demand a ransom or continue spying and stealing your best ideas.
Data-Driven Decision Making
An audit can also help you prioritize your goals based on what's most pressing, exposing vulnerabilities or what’s causing productivity loss.
A Vision for the Future
Armed with a thorough understanding of your technology's strengths, weaknesses, opportunities and threats, you can begin planning years in advance and share the vision with team members to keep them motivated.
Are you ready to start planning your technology audit? Contact us for a free assessment.
Source:
* Cybersecurity Ventures
Cronin
https://www.websiteplanet.com/blog/cronin-leak-report/
Exploit: MisconfigurationCronin: Digital Marketing Firm
Risk to Business: 1.917= Severe
Researchers discovered a non-password-protected database that contained 92 million records belonging to the digital marketing firm Cronin last week. The exposed server was named “Cronin-Main” and many of the records contained references to Cronin. Exposed client records include internal logging of client advertisement campaigns, keywords, Google analytics data, session IDs, Client IDs, device data and other identifying information. Sales data was also exposed in a “Master Mailing List” with direct physical names, addresses, Salesforce IDs, phone numbers, and references to where the leads came from for customers and prospects. Internal Cronin employee usernames, emails, and hashed passwords and some unspecified PII and financial data were also exposed.
Customers Impacted: Unknown
How It Could Affect Your Business: Information security is challenging enough without the complications of sloppy and dangerous mistakes like this.
Supernus Pharmaceuticals
https://www.securityweek.com/ransomware-operators-threaten-leak-15tb-supernus-pharmaceuticals-dataExploit: Ransomware
Supernus Pharmaceuticals: Pharmaceutical Company
Risk to Business: 1.702=Severe
Maryland-based Supernus Pharmaceuticals fell prey to a ransomware attack that resulted in a large amount of data being exfiltrated from its networks in mid-November. The Hive ransomware group claimed responsibility for the attack over the Thanksgiving holiday weekend. The group claims to have breached Supernus Pharmaceuticals’ network on November 14 and exfiltrated a total of 1,268,906 files, totaling 1.5 terabytes of data. Supernus Pharmaceuticals says it did not plan to pay a ransom. In a statement, Supernus Pharmaceuticals also disclosed that it did not experience a significant impact on its business, they were quickly able to restore lost data and the company has enacted stronger security measures.
Customers Impacted: Unknown
How It Could Affect Your Business: Companies in the healthcare and pharma sectors have been the favorite targets of ransomware gangs since the start of the global pandemic.
Butler County Community College
https://www.wtae.com/article/butler-county-community-college-closed-ransomware-attack/38374651Exploit: Ransomware
Butler County Community College: Institution of Higher Learning
Risk to Business: 2.728=Moderate
Butler County Community College in Pennsylvania was forced to suspend classes for at least two days in the wake of a ransomware attack that has crippled the college’s systems. The college says it is working to restore databases, hard drives, servers and other devices. In a release, the college also announced the cancellation of all remote and online credit classes as it works to restore data, servers and other systems affected by the attack. Noncredit courses are canceled as well for November 29 and 30. The college will not provide services on its main campus or at its additional locations on those days. The incident is under investigation and the college is being assisted in recovery by a local cybersecurity firm.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware gangs have been taking aim at schools, colleges, school districts and similar education sector targets thanks to the it historically poor security and profit opportunities created by the adoption of widespread distance learning.
Brazil – WSpot
https://www.hackread.com/wifi-software-firm-exposed-users-data/
Exploit: MisconfigurationWSpot: WiFi Security Software Provider
Risk to Business: 2.109= Severe
Researchers uncovered a misconfigured Amazon Web Services S3 bucket containing 10 GB worth of data that belonged to Wi-Fi software services company WSpot. The bucket was discovered on Sep 2nd, and WSpot was notified on Sep 7th, after which the company was able to secure it immediately. The company stated that they are in the process of notifying legal authorities including the National Data Protection Authority regarding the incident. WSpot, estimated that 5% of its customer base was impacted by this leak.
Individual Risk 2.811= Severe
An estimated 226,000 files were exposed including the personal details of at least 2.5 million users who connected to WSpot’s client’s public Wi-Fi networks.
How it Could Affect Your Business: These days consumers and businesses are paying attention to who has data security in mind when choosing business partners and service providers.
United Kingdom – BTC-Alpha
https://www.techtarget.com/searchsecurity/news/252509877/Cryptocurrency-exchange-BTC-Alpha-confirms-ransomware-attackExploit: Ransomware
BTC-Alpha: Cryptocurrency Exchange
Risk to Business: 1.512= Severe
This week’s most bizarre breach saga belongs to BTC-Alpha. The UK-based cryptocurrency exchange was hit with a ransomware attack in early November. The Lockbit ransomware group claimed responsibility and posted a threat to its leak site to expose BTC-Alpha’s data if a ransom was not paid by December 1. Here’s where it gets strange. Alpha founder and CEO Vitalii Bodnar alleged the attack was the work of a competing cryptocurrency firm in a press release on the same day that Lockbit’s announcement was made. The release goes on to state that a rival was launching a cryptocurrency exchange on the same day as the attack and may be involved in the incident. The full text of the release is available here: https://www.prleap.com/pr/282919/vitaliy-bodnar-founder-of-btc-alpha-comments-on-the-pressure-and-threats The company disclosed that although hashed passwords were compromised, users’ balances were not impacted, and the company and its users lost no money. The company also advised users to avoid password reuse, update or reinstall their apps, and employ MFA. The odd incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Companies that provide financial services need to provide and enforce strong security measures like the universal adoption of MFA.
Sweden – IKEA
https://www.msspalert.com/cybersecurity-breaches-and-attacks/phishing/ikea-cyberattack-details/
Exploit: PhishingIKEA: Furniture & Home Goods Retailer
Risk to Business: 1.595 = Extreme
IKEA is battling a nasty phishing attack on its employee email accounts that is using reply chains to try to trick employees. A reply-chain email attack is a type of spoofing in which the bad guys steal legitimate corporate email messages and send links to malicious documents to the chain as a reply. The messages seem legit and can be hard to catch. Malicious messages are being sent from inside the main IKEA organization as well as from other compromised IKEA organizations and business partners. The fight is ongoing and no direct cause has been announced, although analysts are saying that signs point to a Microsoft Exchange on-premises server compromise.
Customers Impacted: Unknown
How it Could Affect Your Business: Phishing is the top risk for a data breach in organizations of any size and has been for the last 3 years.
Singapore – Swire Pacific Offshore
https://portswigger.net/daily-swig/maritime-giant-swire-pacific-offshore-suffers-data-breach-following-cyber-attackExploit: Ransomware
Swire Pacific Offshore: Maritime Services
Risk to Business: 1.595 = Extreme
Singapore-based shipping giant Swire Pacific Offshore has announced a data breach after it fell victim to a possible ransomware attack. The company’s press release stated that unauthorized access had resulted in the loss of some confidential proprietary commercial information and some personal data. No further specifics were given about the type or amount of data stolen. The statement went on to note that appropriate authorities have been notified. Singapore has mandatory data breach notification laws that require organizations to report incidents like this to the government. The company also announced that it is working with data security experts to investigate the incident and implement stricter security measures.
Customers Impacted: Unknown
How it Could Affect Your Business: Shipping has been beleaguered by cybercrime since the start of the global pandemic with maritime firms especially at risk. At least four other major maritime services or shipping companies have been hit by ransomware in recent months.
Cronin
https://www.websiteplanet.com/blog/cronin-leak-report/
Exploit: MisconfigurationCronin: Digital Marketing Firm
Risk to Business: 1.917= Severe
Researchers discovered a non-password-protected database that contained 92 million records belonging to the digital marketing firm Cronin last week. The exposed server was named “Cronin-Main” and many of the records contained references to Cronin. Exposed client records include internal logging of client advertisement campaigns, keywords, Google analytics data, session IDs, Client IDs, device data and other identifying information. Sales data was also exposed in a “Master Mailing List” with direct physical names, addresses, Salesforce IDs, phone numbers, and references to where the leads came from for customers and prospects. Internal Cronin employee usernames, emails, and hashed passwords and some unspecified PII and financial data were also exposed.
Customers Impacted: Unknown
How It Could Affect Your Business: Information security is challenging enough without the complications of sloppy and dangerous mistakes like this.
Supernus Pharmaceuticals
https://www.securityweek.com/ransomware-operators-threaten-leak-15tb-supernus-pharmaceuticals-dataExploit: Ransomware
Supernus Pharmaceuticals: Pharmaceutical Company
Risk to Business: 1.702=Severe
Maryland-based Supernus Pharmaceuticals fell prey to a ransomware attack that resulted in a large amount of data being exfiltrated from its networks in mid-November. The Hive ransomware group claimed responsibility for the attack over the Thanksgiving holiday weekend. The group claims to have breached Supernus Pharmaceuticals’ network on November 14 and exfiltrated a total of 1,268,906 files, totaling 1.5 terabytes of data. Supernus Pharmaceuticals says it did not plan to pay a ransom. In a statement, Supernus Pharmaceuticals also disclosed that it did not experience a significant impact on its business, they were quickly able to restore lost data and the company has enacted stronger security measures.
Customers Impacted: Unknown
How It Could Affect Your Business: Companies in the healthcare and pharma sectors have been the favorite targets of ransomware gangs since the start of the global pandemic.
Butler County Community College
https://www.wtae.com/article/butler-county-community-college-closed-ransomware-attack/38374651Exploit: Ransomware
Butler County Community College: Institution of Higher Learning
Risk to Business: 2.728=Moderate
Butler County Community College in Pennsylvania was forced to suspend classes for at least two days in the wake of a ransomware attack that has crippled the college’s systems. The college says it is working to restore databases, hard drives, servers and other devices. In a release, the college also announced the cancellation of all remote and online credit classes as it works to restore data, servers and other systems affected by the attack. Noncredit courses are canceled as well for November 29 and 30. The college will not provide services on its main campus or at its additional locations on those days. The incident is under investigation and the college is being assisted in recovery by a local cybersecurity firm.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware gangs have been taking aim at schools, colleges, school districts and similar education sector targets thanks to the it historically poor security and profit opportunities created by the adoption of widespread distance learning.
Brazil – WSpot
https://www.hackread.com/wifi-software-firm-exposed-users-data/
Exploit: MisconfigurationWSpot: WiFi Security Software Provider
Risk to Business: 2.109= Severe
Researchers uncovered a misconfigured Amazon Web Services S3 bucket containing 10 GB worth of data that belonged to Wi-Fi software services company WSpot. The bucket was discovered on Sep 2nd, and WSpot was notified on Sep 7th, after which the company was able to secure it immediately. The company stated that they are in the process of notifying legal authorities including the National Data Protection Authority regarding the incident. WSpot, estimated that 5% of its customer base was impacted by this leak.
Individual Risk 2.811= Severe
An estimated 226,000 files were exposed including the personal details of at least 2.5 million users who connected to WSpot’s client’s public Wi-Fi networks.
How it Could Affect Your Business: These days consumers and businesses are paying attention to who has data security in mind when choosing business partners and service providers.
United Kingdom – BTC-Alpha
https://www.techtarget.com/searchsecurity/news/252509877/Cryptocurrency-exchange-BTC-Alpha-confirms-ransomware-attackExploit: Ransomware
BTC-Alpha: Cryptocurrency Exchange
Risk to Business: 1.512= Severe
This week’s most bizarre breach saga belongs to BTC-Alpha. The UK-based cryptocurrency exchange was hit with a ransomware attack in early November. The Lockbit ransomware group claimed responsibility and posted a threat to its leak site to expose BTC-Alpha’s data if a ransom was not paid by December 1. Here’s where it gets strange. Alpha founder and CEO Vitalii Bodnar alleged the attack was the work of a competing cryptocurrency firm in a press release on the same day that Lockbit’s announcement was made. The release goes on to state that a rival was launching a cryptocurrency exchange on the same day as the attack and may be involved in the incident. The full text of the release is available here: https://www.prleap.com/pr/282919/vitaliy-bodnar-founder-of-btc-alpha-comments-on-the-pressure-and-threats The company disclosed that although hashed passwords were compromised, users’ balances were not impacted, and the company and its users lost no money. The company also advised users to avoid password reuse, update or reinstall their apps, and employ MFA. The odd incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Companies that provide financial services need to provide and enforce strong security measures like the universal adoption of MFA.
Sweden – IKEA
https://www.msspalert.com/cybersecurity-breaches-and-attacks/phishing/ikea-cyberattack-details/
Exploit: PhishingIKEA: Furniture & Home Goods Retailer
Risk to Business: 1.595 = Extreme
IKEA is battling a nasty phishing attack on its employee email accounts that is using reply chains to try to trick employees. A reply-chain email attack is a type of spoofing in which the bad guys steal legitimate corporate email messages and send links to malicious documents to the chain as a reply. The messages seem legit and can be hard to catch. Malicious messages are being sent from inside the main IKEA organization as well as from other compromised IKEA organizations and business partners. The fight is ongoing and no direct cause has been announced, although analysts are saying that signs point to a Microsoft Exchange on-premises server compromise.
Customers Impacted: Unknown
How it Could Affect Your Business: Phishing is the top risk for a data breach in organizations of any size and has been for the last 3 years.
Singapore – Swire Pacific Offshore
https://portswigger.net/daily-swig/maritime-giant-swire-pacific-offshore-suffers-data-breach-following-cyber-attackExploit: Ransomware
Swire Pacific Offshore: Maritime Services
Risk to Business: 1.595 = Extreme
Singapore-based shipping giant Swire Pacific Offshore has announced a data breach after it fell victim to a possible ransomware attack. The company’s press release stated that unauthorized access had resulted in the loss of some confidential proprietary commercial information and some personal data. No further specifics were given about the type or amount of data stolen. The statement went on to note that appropriate authorities have been notified. Singapore has mandatory data breach notification laws that require organizations to report incidents like this to the government. The company also announced that it is working with data security experts to investigate the incident and implement stricter security measures.
Customers Impacted: Unknown
How it Could Affect Your Business: Shipping has been beleaguered by cybercrime since the start of the global pandemic with maritime firms especially at risk. At least four other major maritime services or shipping companies have been hit by ransomware in recent months.
GoDaddy
https://techcrunch.com/2021/11/22/godaddy-breach-million-accounts/
Exploit: Credential CompromiseGoDaddy: Web Hosting Provider
Risk to Business: 1.527= Severe
GoDaddy has reported a data breach that may impact more than 1 million customers who use the service for WordPress hosting. The company detailed the incident in an SEC filing, declaring that it had detected unauthorized access to its systems where it hosts and manages its customers’ WordPress servers when someone used a compromised password for access around September 6. GoDaddy said it discovered the breach last week on November 17. The company warned that active customers had their sFTP credentials (for file transfers), and the usernames and passwords for their WordPress databases, which store all the user’s content, exposed in the breach. In some cases, the customer’s SSL (HTTPS) private key was exposed, which if abused could allow an attacker to impersonate a customer’s website or services. 1.2 million active and inactive managed WordPress users had their email addresses and customer numbers exposed in this incident.
Customers Impacted: 1.2 million
How It Could Affect Your Business: Third-party security risk is increasingly common in an interconnected world and building strong defenses helps protect against this unexpected danger.
California Pizza Kitchen
Exploit: HackingCalifornia Pizza Kitchen: Fast Casual Restaurant Chain
Risk to Business: 2.212=Severe
US casual dining chain California Pizza Kitchen has had a data security breach that impacts current and past employees. In a statement, the company disclosed that its systems were infiltrated by an unauthorized user on September 15. Those cybercriminals gained access to an undisclosed amount of data including employee records that contained at least employee names and SSNs.
Individual Risk: 1.907=Severe
In a filing with the Maine attorney general’s office, the company reported that 103,767 current and former employees had their names and Social Security numbers exposed.
How It Could Affect Your Business: A failure to secure employee data can be just as damaging and expensive as a failure to secure consumer data.
Lake County Board of Commissioners
https://www.washingtonpost.com/politics/attempted-breach-ohio-election/2021/11/19/12417a4c-488c-11ec-b8d9-232f4afe4d9b_story.htmlExploit: Insider Incident
Lake County Board of Commissioners: Election Regulator
Risk to Business: 1.502=Severe
The Washington Post is reporting that a data security incident occurred at the Lake County, Ohio Board of Elections. The attempted breach occurred on May 4 inside the county office of John Hamercheck (R), president of the Lake County Board of Commissioners. In this incident, a private laptop was plugged into the county network in Hamercheck’s office, capturing routine network traffic. That information was then distributed at an August “cyber symposium” on election fraud hosted by MyPillow executive Mike Lindell. Officials say that no sensitive data was obtained. This is substantially similar to an incident in Colorado earlier this year. Data from the Colorado incident was circulated at the same event. The FBI is investigating the incident.
Customers Impacted: Unknown
How It Could Affect Your Business: Insider threats can pop up anywhere and real havoc on an organization when they least expect it.
Cyprus – StripChat
https://therecord.media/adult-cam-site-stripchat-exposes-the-data-of-millions-of-users-and-cam-models/Exploit: Misconfiguration
StripChat: Adult Content Platform
Risk to Business: 1.615= Severe
StripChat, one of the world’s top 5 adult cam sites, has suffered a data breach that exposed more than its usual fare, including the personal data of millions of users and adult models. In a blunder discovered by security researchers, StripChat failed to properly configure an ElasticSearch database cluster, leaving data exposed for at least 3 days.
Individual Risk 1.802= Severe
Researchers listed the exposed data pertaining to 65 million users registered on the site including their username, email, IP address, ISP details, tip balance, account creation date, last login date and account status. Data for 421,000 models broadcasting on the site was also exposed including username, gender, studio ID, live status, tip menus/prices and strip scores. Other transaction data was also exposed.
How it Could Affect Your Business: The company hasn’t just failed at data security, at press time they had also failed to publicly disclose or acknowledge the incident, a sure path to a hefty GDPR fine.
Denmark – Vestas
https://portswigger.net/daily-swig/wind-turbine-giant-vestas-confirms-data-breach-following-cybersecurity-incidentExploit: Ransomware
Vestas: Wind Turbine Manufacturer
Risk to Business: 1.512= Severe
The world’s largest supplier of wind turbines Vestas has announced that it has experienced a suspected ransomware incident. The company says that its initial investigation has determined that data has been compromised, although no specifics about that data were given. The company says that the incident forced the shutdown of IT systems and has damaged parts of Vestas’ internal IT infrastructure. Recovery has begun, and the company has stressed that the impact on its manufacturing, construction and service arms has been minimal.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware and infrastructure components are going hand in hand these days, creating an elevated risk level for companies in infrastructure-related sectors.
Australia – Copyright Agency
https://www.itnews.com.au/news/australias-copyright-agency-investigates-cyber-incident-572982
Exploit: HackingCopyright Agency: Royalty Collection Agency
Risk to Business: 1.595 = Extreme
Australia’s Copyright Agency has suffered a data breach The agency which distributes royalties to authors, photographers and other creators for the reuse of their text and images, notified members of the incident last Friday. No information is yet available about what data may have been impacted, but there’s a possibility that extensive personal and financial data may have been exposed for the 37,000 creators that it services.
GoDaddy
https://techcrunch.com/2021/11/22/godaddy-breach-million-accounts/
Exploit: Credential CompromiseGoDaddy: Web Hosting Provider
Risk to Business: 1.527= Severe
GoDaddy has reported a data breach that may impact more than 1 million customers who use the service for WordPress hosting. The company detailed the incident in an SEC filing, declaring that it had detected unauthorized access to its systems where it hosts and manages its customers’ WordPress servers when someone used a compromised password for access around September 6. GoDaddy said it discovered the breach last week on November 17. The company warned that active customers had their sFTP credentials (for file transfers), and the usernames and passwords for their WordPress databases, which store all the user’s content, exposed in the breach. In some cases, the customer’s SSL (HTTPS) private key was exposed, which if abused could allow an attacker to impersonate a customer’s website or services. 1.2 million active and inactive managed WordPress users had their email addresses and customer numbers exposed in this incident.
Customers Impacted: 1.2 million
How It Could Affect Your Business: Third-party security risk is increasingly common in an interconnected world and building strong defenses helps protect against this unexpected danger.
California Pizza Kitchen
Exploit: HackingCalifornia Pizza Kitchen: Fast Casual Restaurant Chain
Risk to Business: 2.212=Severe
US casual dining chain California Pizza Kitchen has had a data security breach that impacts current and past employees. In a statement, the company disclosed that its systems were infiltrated by an unauthorized user on September 15. Those cybercriminals gained access to an undisclosed amount of data including employee records that contained at least employee names and SSNs.
Individual Risk: 1.907=Severe
In a filing with the Maine attorney general’s office, the company reported that 103,767 current and former employees had their names and Social Security numbers exposed.
How It Could Affect Your Business: A failure to secure employee data can be just as damaging and expensive as a failure to secure consumer data.
Lake County Board of Commissioners
https://www.washingtonpost.com/politics/attempted-breach-ohio-election/2021/11/19/12417a4c-488c-11ec-b8d9-232f4afe4d9b_story.htmlExploit: Insider Incident
Lake County Board of Commissioners: Election Regulator
Risk to Business: 1.502=Severe
The Washington Post is reporting that a data security incident occurred at the Lake County, Ohio Board of Elections. The attempted breach occurred on May 4 inside the county office of John Hamercheck (R), president of the Lake County Board of Commissioners. In this incident, a private laptop was plugged into the county network in Hamercheck’s office, capturing routine network traffic. That information was then distributed at an August “cyber symposium” on election fraud hosted by MyPillow executive Mike Lindell. Officials say that no sensitive data was obtained. This is substantially similar to an incident in Colorado earlier this year. Data from the Colorado incident was circulated at the same event. The FBI is investigating the incident.
Customers Impacted: Unknown
How It Could Affect Your Business: Insider threats can pop up anywhere and real havoc on an organization when they least expect it.
Cyprus – StripChat
https://therecord.media/adult-cam-site-stripchat-exposes-the-data-of-millions-of-users-and-cam-models/Exploit: Misconfiguration
StripChat: Adult Content Platform
Risk to Business: 1.615= Severe
StripChat, one of the world’s top 5 adult cam sites, has suffered a data breach that exposed more than its usual fare, including the personal data of millions of users and adult models. In a blunder discovered by security researchers, StripChat failed to properly configure an ElasticSearch database cluster, leaving data exposed for at least 3 days.
Individual Risk 1.802= Severe
Researchers listed the exposed data pertaining to 65 million users registered on the site including their username, email, IP address, ISP details, tip balance, account creation date, last login date and account status. Data for 421,000 models broadcasting on the site was also exposed including username, gender, studio ID, live status, tip menus/prices and strip scores. Other transaction data was also exposed.
How it Could Affect Your Business: The company hasn’t just failed at data security, at press time they had also failed to publicly disclose or acknowledge the incident, a sure path to a hefty GDPR fine.
Denmark – Vestas
https://portswigger.net/daily-swig/wind-turbine-giant-vestas-confirms-data-breach-following-cybersecurity-incidentExploit: Ransomware
Vestas: Wind Turbine Manufacturer
Risk to Business: 1.512= Severe
The world’s largest supplier of wind turbines Vestas has announced that it has experienced a suspected ransomware incident. The company says that its initial investigation has determined that data has been compromised, although no specifics about that data were given. The company says that the incident forced the shutdown of IT systems and has damaged parts of Vestas’ internal IT infrastructure. Recovery has begun, and the company has stressed that the impact on its manufacturing, construction and service arms has been minimal.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware and infrastructure components are going hand in hand these days, creating an elevated risk level for companies in infrastructure-related sectors.
Australia – Copyright Agency
https://www.itnews.com.au/news/australias-copyright-agency-investigates-cyber-incident-572982
Exploit: HackingCopyright Agency: Royalty Collection Agency
Risk to Business: 1.595 = Extreme
Australia’s Copyright Agency has suffered a data breach The agency which distributes royalties to authors, photographers and other creators for the reuse of their text and images, notified members of the incident last Friday. No information is yet available about what data may have been impacted, but there’s a possibility that extensive personal and financial data may have been exposed for the 37,000 creators that it services.