InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Advanced Technology Ventures
https://techcrunch.com/2021/08/03/atv-venture-capital-ransomware/
Exploit: RansomwareElectronic Arts (EA): Video Game Maker
Risk to Business: 1.207 = Extreme
Advanced Technology Ventures, a Silicon Valley venture capital firm with more than $1.8 billion in assets under its management, has disclosed that it was hit by a ransomware attack. The cybercriminals were able to steal personal information about the company’s private investors. ATV said it became aware of the attack on July 9 after its servers storing financial information were encrypted by ransomware. By July 26, the company learned that its investor data had been stolen from the servers before the files were encrypted, a hallmark of the “double extortion” tactic used by ransomware groups.
Individual Risk: 1.326 = Extreme
Investor data was accessed by cybercriminals. ATV believes the names, email addresses, phone numbers and Social Security numbers of the individual investors in ATV’s funds were stolen in the attack. Some 300 individuals were affected by the incident
How It Could Affect Your Business: Ransomware tactics like double and triple extortion allow cybercriminals to score even bigger paydays, making them very popular techniques.
SeniorAdvisor
https://www.infosecurity-magazine.com/news/senior-citizens-personal-data/Exploit: Misconfiguration
SeniorAdvisor: Senior Care Review Site
Risk to Business: 1.663 = Severe
Researchers have discovered a misconfigured Amazon S3 bucket owned by SeniorAdvisor, a site that provides ratings and information for senior care facilities. The bucket in question contained the personal data of more than three million people categorized as “leads”. The team found around 2000 “scrubbed” reviews in the misconfigured bucket, in which the user’s sensitive information was wiped or redacted. In total, it contained more than one million files and 182GB of data, none of which was encrypted and did not require a password or login credentials to access.
Risk to Individual: 1.271 = Severe
This exposed bucket was full of data including names, emails, phone numbers and dates contacted for every person designated as a lead, comprising an estimated 3 million consumers.
How it Could Affect Your Business: Companies are under the gun for cybersecurity risk often enough without rookie mistakes like failing to secure a database contributing to the danger.
University of Kentucky
https://therecord.media/university-of-kentucky-discovers-data-breach-during-scheduled-pen-test/Exploit: Hacking
University of Kentucky: Institution of Higher Learning
Risk to Business: 2.223=Severe
In a head-shaking turn of irony, officials at the University of Kentucky discovered that they’d already been breached while conducting a penetration test. The breach affected the university’s Digital Driver’s License platform, a web-based portal the university developed as a component of its Open-Source Tools for Instructional Support (OTIS) framework. That program provides free online teaching and test-taking capabilities to K-12 schools and colleges in Kentucky and other US states. University officials said that their investigation discovered that an unknown threat actor accessed the system between January 8, 2021, and February 6, 2021, to gain access to the DDL platform and acquire a copy of its internal database.
Risk to Business: 2.223=Severe
The database contained the names and email addresses of students and teachers in Kentucky and in all 50 states and 22 foreign countries, in all more than 355,000 individuals. The university was careful to note that the stolen information included only emails and passwords and no SSNs or financial details were included.
How it Could Affect Your Business: Cybercriminals have been increasingly setting their sights on education targets since the onset of the global pandemic, and that trend is not stopping in 2021.
Reindeer
https://www.enterprisesecuritytech.com/post/defunct-marketing-company-leaked-the-sensitive-data-of-over-300-000-peopleExploit: Misconfiguration
Reindeer: Digital Marketing Firm
Risk to Business: 1.705 = Severe
New York-based digital media advertising and marketing company Reindeer left an unpleasant surprise behind when it closed its doors: an Amazon S3 bucket exposed to public access resulting in the irreversible leak of 50,000 files for a total of 32 GB of exposed data. The information exposed included about 1,400 profile photos and the details of approximately 306,000 customers in total. Users in 35 countries were represented with the US, Canada, and Great Britain accounting for almost 280,000 of those users. Nothing can be done to secure this data now.
Individual Risk: 1.622 = Severe
PII exposed includes customer names, surnames, email addresses, dates of birth, physical addresses, hashed passwords, and Facebook IDs for an estimated 306,000 customers.
How it Could Affect Your Business: Unexpected risks from sources like zombie accounts are around every corner, so taking that possibility seriously and mitigating risk from nasty surprises is critical.
School District No. 73 (SD73, Kamloops-Thompson)
Exploit: Nation-State HackingSchool District No. 73 (SD73, Kamloops-Thompson): Education Provider
Risk to Business: 2.911 = Moderate
School District No. 73 (SD73, Kamloops-Thompson) said it was notified that third-party service provider that it uses for travel and medical insurance provider for its international student program, guard.me, experienced a data breach that potentially exposed student information. Guard.me released a statement about the data security incident that spawned this data exposure, noting that the incident occurred during June 2021.
Risk to Business: 2.936 = Moderate
Student personal information that may be impacted by this incident includes identity information, contact information and other information provided to support submitted claims. impacted individuals are encouraged to visit the Canadian Anti-Fraud Centre for further information about how to protect themselves.
How it Could Affect Your Business: Cyberattacks against service providers have been steadily increasing as cybercriminals strike at lynchpins to gain access to even more valuable data.
Italy – ERG
https://www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/Exploit: Ransomware
D-BOX: Gaming Specialty Electronics
Risk to Business: 1.919 = Severe
Italian energy company ERG reported minimal impact on infrastructure or consumer-facing services following a LockBit 2.0 ransomware incident. ERG is the leading Italian wind power operator and among the top ten onshore operators on the European market, with a growing presence in France, Germany, Poland, Romania, Bulgaria, and the United Kingdom. ERG was purchased by European power giant Enel earlier this week.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is the weapon of choice for both run-of-the-mill cybercriminals and nation-state threat actors. Every business needs to be ready for it.
Taiwan – Gigabyte
https://www.bleepingcomputer.com/news/security/computer-hardware-giant-gigabyte-hit-by-ransomexx-ransomware/Exploit: Misconfiguration
Gigabyte: Motherboard Manufacturer
Risk to Business: 1.602 = Severe
Motherboard manufacturer Gigabyte has been hit by the RansomEXX ransomware gang. The Taiwanese company was forced to shut down systems in Taiwan as well as multiple customer and consumer-facing websites of the company, including its support site and portions of the Taiwanese website. RansomEXX threat actors claimed to have stolen 112GB of data during the attack in an announcement on their leak site.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware operators are savvy to taking advantage of industries that are under stress as has been frequently exemplified in the last year.
Personally Identifiable Information (PII) refers to any information maintained by an agency that can be used to identify or trace a specific individual. In other words, it includes data points, such as social security number, date of birth, mother's maiden name, biometric data, tax identification number, race, religion, location data and other information, that can be used to deanonymize anonymous data.
If your organization handles PII, you must take steps to secure your customer data. Not only is it essential from a compliance standpoint, but with security breaches on the rise, you have to make sure customer PII is not being compromised. Risk Based Security revealed that by the end of 2020, a total of 36 billion records had been exposed and compromised. Of such data breaches, 60 percent are caused by insider threats or security threats that originate from within an organization. To make things worse, reports indicate that the number of insider incidents has increased by 47 percent over the last two years.
Let's deep dive into the potential risks that insider threats pose to PII, especially for healthcare and financial institutions, and how you can protect your organization against such threats.
An insider threat is a security risk that originates from within your organization and is usually someone with authorized access misusing data (intentionally or unintentionally) to harm your company or your customers. The culprit could be any individual who has authorized access to confidential and sensitive company information, right from your present or former employees to consultants, partners or contractors.
If you don't secure your employee or customer PII, you leave yourself vulnerable to data breaches. Insider-led data breaches are widespread and can happen in multiple ways – from a negligent employee inadvertently downloading malicious malware to a disgruntled contractor selling customer data on the Dark Web to make money.
Insider-led data breaches are hard to detect because the threat actors have legitimate access and are probably familiar with your cybersecurity defense tools as well. It is much easier for them to circumvent your defenses, access sensitive customer data and expose it.
As a healthcare or financial institution, if your customer PII is exposed, it can cause a great deal of trouble to both your company and your customers. Let’s look at some of the potential risks:
With the insider threat landscape constantly evolving, businesses need to step up and secure PII and other sensitive data more effectively. By failing to do so, you could end up putting the future of your customers, employees and company in grave danger. Here are a few tips to help you get started:
Unsure about how you can protect Personally Identifiable Information? Get in touch with us today!
Article curated and used by permission.
Data Sources:
If your organization handles PII, you must take steps to secure your customer data. Not only is it essential from a compliance standpoint, but with security breaches on the rise, you have to make sure customer PII is not being compromised. Risk Based Security revealed that by the end of 2020, a total of 36 billion records had been exposed and compromised. Of such data breaches, 60 percent are caused by insider threats or security threats that originate from within an organization. To make things worse, reports indicate that the number of insider incidents has increased by 47 percent over the last two years.
Let's deep dive into the potential risks that insider threats pose to PII, especially for healthcare and financial institutions, and how you can protect your organization against such threats.
Potential Risks
An insider threat is a security risk that originates from within your organization and is usually someone with authorized access misusing data (intentionally or unintentionally) to harm your company or your customers. The culprit could be any individual who has authorized access to confidential and sensitive company information, right from your present or former employees to consultants, partners or contractors.
If you don't secure your employee or customer PII, you leave yourself vulnerable to data breaches. Insider-led data breaches are widespread and can happen in multiple ways – from a negligent employee inadvertently downloading malicious malware to a disgruntled contractor selling customer data on the Dark Web to make money.
Insider-led data breaches are hard to detect because the threat actors have legitimate access and are probably familiar with your cybersecurity defense tools as well. It is much easier for them to circumvent your defenses, access sensitive customer data and expose it.
As a healthcare or financial institution, if your customer PII is exposed, it can cause a great deal of trouble to both your company and your customers. Let’s look at some of the potential risks:
Risks to Your Company
Reputational damage
Financial loss
Ransomware costs
Operational standstill
Risks to Your Customers
Identity theft
Social engineering attacks
Blackmail campaigns
How to Secure PII
With the insider threat landscape constantly evolving, businesses need to step up and secure PII and other sensitive data more effectively. By failing to do so, you could end up putting the future of your customers, employees and company in grave danger. Here are a few tips to help you get started:
- Use behavioral analytics to set up unique behavioral profiles for all insiders and detect insiders accessing data not associated with their job functions.
- Implement access and permission controls to review, revise and restrict unnecessary user access privileges, permissions and rights.
- Review the PII data you have already collected, where it is stored and who has access to it, and then securely delete what is not necessary for the business to operate.
- Set up an acceptable PII usage policy that defines how PII data should be classified, stored, accessed and protected.
- Make sure your PII policy is compliant with different privacy and data regulations that apply to your business.
- Upgrade your storage holdings to ensure the data lives in a SOC2-protected data center.
- Cut down on inadvertent insiders by implementing mandatory cybersecurity and data security training programs.
- Make use of software that will help you protect PII.
Unsure about how you can protect Personally Identifiable Information? Get in touch with us today!
Article curated and used by permission.
Data Sources:
- https://www.securitymagazine.com/articles/94076-the-top-10-data-breaches-of-2020#:
- https://securityintelligence.com/posts/what-are-insider-threats-and-how-can-you-mitigate-them/
- https://techjury.net/blog/insider-threat-statistics/#gref
- https://www.databreachtoday.com/whitepapers/ponemon-institute-study-reputation-impact-data-breach-w-540
- https://www.csoonline.com/article/3434601/what-is-the-cost-of-a-data-breach.html
Personally Identifiable Information (PII) refers to any information maintained by an agency that can be used to identify or trace a specific individual. In other words, it includes data points, such as social security number, date of birth, mother's maiden name, biometric data, tax identification number, race, religion, location data and other information, that can be used to deanonymize anonymous data.
If your organization handles PII, you must take steps to secure your customer data. Not only is it essential from a compliance standpoint, but with security breaches on the rise, you have to make sure customer PII is not being compromised. Risk Based Security revealed that by the end of 2020, a total of 36 billion records had been exposed and compromised. Of such data breaches, 60 percent are caused by insider threats or security threats that originate from within an organization. To make things worse, reports indicate that the number of insider incidents has increased by 47 percent over the last two years.
Let's deep dive into the potential risks that insider threats pose to PII, especially for healthcare and financial institutions, and how you can protect your organization against such threats.
An insider threat is a security risk that originates from within your organization and is usually someone with authorized access misusing data (intentionally or unintentionally) to harm your company or your customers. The culprit could be any individual who has authorized access to confidential and sensitive company information, right from your present or former employees to consultants, partners or contractors.
If you don't secure your employee or customer PII, you leave yourself vulnerable to data breaches. Insider-led data breaches are widespread and can happen in multiple ways – from a negligent employee inadvertently downloading malicious malware to a disgruntled contractor selling customer data on the Dark Web to make money.
Insider-led data breaches are hard to detect because the threat actors have legitimate access and are probably familiar with your cybersecurity defense tools as well. It is much easier for them to circumvent your defenses, access sensitive customer data and expose it.
As a healthcare or financial institution, if your customer PII is exposed, it can cause a great deal of trouble to both your company and your customers. Let’s look at some of the potential risks:
With the insider threat landscape constantly evolving, businesses need to step up and secure PII and other sensitive data more effectively. By failing to do so, you could end up putting the future of your customers, employees and company in grave danger. Here are a few tips to help you get started:
Unsure about how you can protect Personally Identifiable Information? Get in touch with us today!
Article curated and used by permission.
Data Sources:
If your organization handles PII, you must take steps to secure your customer data. Not only is it essential from a compliance standpoint, but with security breaches on the rise, you have to make sure customer PII is not being compromised. Risk Based Security revealed that by the end of 2020, a total of 36 billion records had been exposed and compromised. Of such data breaches, 60 percent are caused by insider threats or security threats that originate from within an organization. To make things worse, reports indicate that the number of insider incidents has increased by 47 percent over the last two years.
Let's deep dive into the potential risks that insider threats pose to PII, especially for healthcare and financial institutions, and how you can protect your organization against such threats.
Potential Risks
An insider threat is a security risk that originates from within your organization and is usually someone with authorized access misusing data (intentionally or unintentionally) to harm your company or your customers. The culprit could be any individual who has authorized access to confidential and sensitive company information, right from your present or former employees to consultants, partners or contractors.
If you don't secure your employee or customer PII, you leave yourself vulnerable to data breaches. Insider-led data breaches are widespread and can happen in multiple ways – from a negligent employee inadvertently downloading malicious malware to a disgruntled contractor selling customer data on the Dark Web to make money.
Insider-led data breaches are hard to detect because the threat actors have legitimate access and are probably familiar with your cybersecurity defense tools as well. It is much easier for them to circumvent your defenses, access sensitive customer data and expose it.
As a healthcare or financial institution, if your customer PII is exposed, it can cause a great deal of trouble to both your company and your customers. Let’s look at some of the potential risks:
Risks to Your Company
Reputational damage
Financial loss
Ransomware costs
Operational standstill
Risks to Your Customers
Identity theft
Social engineering attacks
Blackmail campaigns
How to Secure PII
With the insider threat landscape constantly evolving, businesses need to step up and secure PII and other sensitive data more effectively. By failing to do so, you could end up putting the future of your customers, employees and company in grave danger. Here are a few tips to help you get started:
- Use behavioral analytics to set up unique behavioral profiles for all insiders and detect insiders accessing data not associated with their job functions.
- Implement access and permission controls to review, revise and restrict unnecessary user access privileges, permissions and rights.
- Review the PII data you have already collected, where it is stored and who has access to it, and then securely delete what is not necessary for the business to operate.
- Set up an acceptable PII usage policy that defines how PII data should be classified, stored, accessed and protected.
- Make sure your PII policy is compliant with different privacy and data regulations that apply to your business.
- Upgrade your storage holdings to ensure the data lives in a SOC2-protected data center.
- Cut down on inadvertent insiders by implementing mandatory cybersecurity and data security training programs.
- Make use of software that will help you protect PII.
Unsure about how you can protect Personally Identifiable Information? Get in touch with us today!
Article curated and used by permission.
Data Sources:
- https://www.securitymagazine.com/articles/94076-the-top-10-data-breaches-of-2020#:
- https://securityintelligence.com/posts/what-are-insider-threats-and-how-can-you-mitigate-them/
- https://techjury.net/blog/insider-threat-statistics/#gref
- https://www.databreachtoday.com/whitepapers/ponemon-institute-study-reputation-impact-data-breach-w-540
- https://www.csoonline.com/article/3434601/what-is-the-cost-of-a-data-breach.html
Electronic Arts (EA)
https://therecord.media/hackers-leak-full-ea-data-after-failed-extortion-attempt/Exploit: Hacking
Electronic Arts (EA): Video Game Maker
Risk to Business: 1.311 = Extreme
Hackers have leaked an estimated 751GB of compressed EA data containing FIFA 21 source code on a dark web forum. Initially, they released a cache of 1.3GB of FIFA source code on July 14 as part of a demand for payment to stop them from releasing the rest, but after EA refused to play ball, the rest was added. According to reports, the hackers used the authentication cookies to mimic an already-logged-in EA employee’s account and access EA’s Slack channel and then tricked an EA IT support staffer into granting them access to the company’s internal network, ultimately allowing them to download more than 780GB of source code from the company’s internal code repositories. EA says that no player information was ever at risk and they’ve fixed the problem internally.
How It Could Affect Your Business: Part of this hacking incident was powered by impersonation, which is a form of phishing, and is reminiscent of the 2020 Twitter hack that enabled cybercriminals to gain access to celebrity accounts by impersonating Twitter workers.
University of San Diego Health
https://www.bleepingcomputer.com/news/security/uc-san-diego-health-discloses-data-breach-after-phishing-attack/Exploit: Phishing
University of San Diego Health: Hospital System
Risk to Business: 1.663 = Severe
UC San Diego Health has disclosed a data breach after the compromise of some employees’ email accounts. UC San Diego Health discovered that cybercriminals had gained access to some of its employees’ email accounts through a phishing attack. The attackers may have accessed the personal information of patients, employees and students between December 2, 2020, and April 8, 2021.
Risk to Individual: 1.271 = Severe
Potentially impacted information includes: patients’ full name, address, date of birth, email, fax number, claims information (date and cost of health care services and claims identifiers), laboratory results, medical diagnosis and conditions, Medical Record Number and other medical identifiers, prescription information, treatment information, medical information, Social Security number, government identification number, payment card number or financial account number and security code, student ID number and username and password. The hospital will offer free credit monitoring and identity theft protection services through Experian IdentityWorks for one year and is contacting impacted individuals via mail.
How it Could Affect Your Business: Medical data is some of the hottest data to sell in dark web markets, earning cybercriminals a substantial profit and this hospital substantial fines under HIPAA and California Privacy regulations.
City of Grass Valley, CA
https://sacramento.cbslocal.com/2021/07/29/grass-valley-cyberattack-ransom/
Exploit: RansomwareCity of Grass Valley, CA: Municipality
Risk to Business: 2.223=Severe
Municipalities have been ripe targets for cybercriminals, and they’ve scored another payday in Grass Valley, California. City services except emergency services experienced outages and the city ultimately chose to pay the ransom, citing data privacy concerns for its citizens. Grass Valley officials said the Federal Bureau of Investigation (FBI) was contacted. Several state agencies are still investigating. Services were restored after the ransom payment. Federal agencies including CISA and the FBI strongly discourage paying ransoms which is illegal in many circumstances.
How it Could Affect Your Business: Cybercriminals have been striking municipalities and similar authorities frequently. Historically poor cybersecurity combined with a tendency to simply pay ransoms makes this a growth industry for cybercrime.
Calgary Parking Authority
https://calgaryherald.com/news/local-news/calgarians-personal-data-exposed-in-parking-authority-security-breachExploit: Misconfiguration
Calgary Parking Authority: Municipal Entity
Risk to Business: 1.705 = Severe
Calgary Parking Authority recently experienced a breach that exposed the personal information of vehicle owners. A misconfigured server containing computer-readable technical logs, payments, parking tickets, driver personal data and more was discovered in the wild by researchers. Reports say that the server, used to monitor the authority’s parking system for bugs and errors, was left on the internet without a password in a security blunder.
Individual Risk: 1.622 = Severe
Data exposed includes drivers’ full names, dates of birth, phone numbers, email addresses and postal addresses, as well as details of parking tickets and parking offenses, including license plates and vehicle descriptions, and in some cases the location data of where the alleged parking offense took place. The logs also contained some partial card payment numbers and expiry dates.
How it Could Affect Your Business: It’s hard enough to stay ahead of hackers without giving them an easy payday by making sloppy mistakes. Building a strong security culture is vital for keeping systems and data safe.
Homewood Health
https://bc.ctvnews.ca/unknown-number-of-british-columbians-personal-information-for-sale-online-after-health-company-extorted-1.5525715Exploit: Nation-State Hacking
Homewood Health: Healthcare Provider
Risk to Business: 1.926 = Severe
Ontario-based Homewood Health has disclosed that it fell victim to hacking earlier this year. The organization has begun contacting companies and agencies whose information may be compromised, including BC Housing, TransLink and the Provincial Health Services Authority. The organization is blaming the breach on the state-sponsored Chinese hackers Hafnium.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks against service providers have been steadily increasing as cybercriminals strike at lynchpins to gain access to even more valuable data.
D-BOX
https://cyberintelmag.com/attacks-data-breaches/entertainment-company-d-box-recovers-from-ransomware-cyberattack/Exploit: Ransomware
D-BOX: Gaming Specialty Electronics
Risk to Business: 1.919 = Severe
Canadian immersive entertainment technology provider D-BOX said it was gradually resuming its activities following a ransomware attack. The company said it had worked with incident response experts to determine that the impact was limited to internal systems and that its services to studios and theatre operators were not affected. All services have now been restored. The company has stated that it believes that its policy of segmentation between internal and customer-focused systems helped protect its clients.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is the weapon of choice for both run-of-the-mill cybercriminals and nation state threat actors. Every business needs to be ready for it.
The Netherlands – Raven Hengelsport
https://www.theregister.com/2021/07/27/azure_blob_raven_hengelsport/Exploit: Misconfiguration
Raven Hengelsport: Specialty Fishing Supply
Risk to Business: 1.602 = Severe
Dutch fishing supply specialist Raven Hengelsport left details of around 246,000 customers visible to anyone on a misconfigured Microsoft Azure cloud server for months. That server, hosting 18GB of company data covering at least 246,000 customers across 450,000 records, was discovered by security researchers and had purportedly been wide open for months. Even after researchers attempted to contact the company it took a long time for them to do anything about it.
Individual Risk: 2.416 = Moderate
The bonanza of information contained customer IDs, delivery dates, discounts, shipping fees, payments and shipment tracking numbers as well as PII like names, surnames, addresses, genders, phone numbers, email addresses and business names.
How it Could Affect Your Business: Mistakes like this are only compounded by blunders in the response. It shows clients that you aren’t concerned about their security if you aren’t concerned about yours.
Electronic Arts (EA)
https://therecord.media/hackers-leak-full-ea-data-after-failed-extortion-attempt/Exploit: Hacking
Electronic Arts (EA): Video Game Maker
Risk to Business: 1.311 = Extreme
Hackers have leaked an estimated 751GB of compressed EA data containing FIFA 21 source code on a dark web forum. Initially, they released a cache of 1.3GB of FIFA source code on July 14 as part of a demand for payment to stop them from releasing the rest, but after EA refused to play ball, the rest was added. According to reports, the hackers used the authentication cookies to mimic an already-logged-in EA employee’s account and access EA’s Slack channel and then tricked an EA IT support staffer into granting them access to the company’s internal network, ultimately allowing them to download more than 780GB of source code from the company’s internal code repositories. EA says that no player information was ever at risk and they’ve fixed the problem internally.
How It Could Affect Your Business: Part of this hacking incident was powered by impersonation, which is a form of phishing, and is reminiscent of the 2020 Twitter hack that enabled cybercriminals to gain access to celebrity accounts by impersonating Twitter workers.
University of San Diego Health
https://www.bleepingcomputer.com/news/security/uc-san-diego-health-discloses-data-breach-after-phishing-attack/Exploit: Phishing
University of San Diego Health: Hospital System
Risk to Business: 1.663 = Severe
UC San Diego Health has disclosed a data breach after the compromise of some employees’ email accounts. UC San Diego Health discovered that cybercriminals had gained access to some of its employees’ email accounts through a phishing attack. The attackers may have accessed the personal information of patients, employees and students between December 2, 2020, and April 8, 2021.
Risk to Individual: 1.271 = Severe
Potentially impacted information includes: patients’ full name, address, date of birth, email, fax number, claims information (date and cost of health care services and claims identifiers), laboratory results, medical diagnosis and conditions, Medical Record Number and other medical identifiers, prescription information, treatment information, medical information, Social Security number, government identification number, payment card number or financial account number and security code, student ID number and username and password. The hospital will offer free credit monitoring and identity theft protection services through Experian IdentityWorks for one year and is contacting impacted individuals via mail.
How it Could Affect Your Business: Medical data is some of the hottest data to sell in dark web markets, earning cybercriminals a substantial profit and this hospital substantial fines under HIPAA and California Privacy regulations.
City of Grass Valley, CA
https://sacramento.cbslocal.com/2021/07/29/grass-valley-cyberattack-ransom/
Exploit: RansomwareCity of Grass Valley, CA: Municipality
Risk to Business: 2.223=Severe
Municipalities have been ripe targets for cybercriminals, and they’ve scored another payday in Grass Valley, California. City services except emergency services experienced outages and the city ultimately chose to pay the ransom, citing data privacy concerns for its citizens. Grass Valley officials said the Federal Bureau of Investigation (FBI) was contacted. Several state agencies are still investigating. Services were restored after the ransom payment. Federal agencies including CISA and the FBI strongly discourage paying ransoms which is illegal in many circumstances.
How it Could Affect Your Business: Cybercriminals have been striking municipalities and similar authorities frequently. Historically poor cybersecurity combined with a tendency to simply pay ransoms makes this a growth industry for cybercrime.
Calgary Parking Authority
https://calgaryherald.com/news/local-news/calgarians-personal-data-exposed-in-parking-authority-security-breachExploit: Misconfiguration
Calgary Parking Authority: Municipal Entity
Risk to Business: 1.705 = Severe
Calgary Parking Authority recently experienced a breach that exposed the personal information of vehicle owners. A misconfigured server containing computer-readable technical logs, payments, parking tickets, driver personal data and more was discovered in the wild by researchers. Reports say that the server, used to monitor the authority’s parking system for bugs and errors, was left on the internet without a password in a security blunder.
Individual Risk: 1.622 = Severe
Data exposed includes drivers’ full names, dates of birth, phone numbers, email addresses and postal addresses, as well as details of parking tickets and parking offenses, including license plates and vehicle descriptions, and in some cases the location data of where the alleged parking offense took place. The logs also contained some partial card payment numbers and expiry dates.
How it Could Affect Your Business: It’s hard enough to stay ahead of hackers without giving them an easy payday by making sloppy mistakes. Building a strong security culture is vital for keeping systems and data safe.
Homewood Health
https://bc.ctvnews.ca/unknown-number-of-british-columbians-personal-information-for-sale-online-after-health-company-extorted-1.5525715Exploit: Nation-State Hacking
Homewood Health: Healthcare Provider
Risk to Business: 1.926 = Severe
Ontario-based Homewood Health has disclosed that it fell victim to hacking earlier this year. The organization has begun contacting companies and agencies whose information may be compromised, including BC Housing, TransLink and the Provincial Health Services Authority. The organization is blaming the breach on the state-sponsored Chinese hackers Hafnium.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks against service providers have been steadily increasing as cybercriminals strike at lynchpins to gain access to even more valuable data.
D-BOX
https://cyberintelmag.com/attacks-data-breaches/entertainment-company-d-box-recovers-from-ransomware-cyberattack/Exploit: Ransomware
D-BOX: Gaming Specialty Electronics
Risk to Business: 1.919 = Severe
Canadian immersive entertainment technology provider D-BOX said it was gradually resuming its activities following a ransomware attack. The company said it had worked with incident response experts to determine that the impact was limited to internal systems and that its services to studios and theatre operators were not affected. All services have now been restored. The company has stated that it believes that its policy of segmentation between internal and customer-focused systems helped protect its clients.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is the weapon of choice for both run-of-the-mill cybercriminals and nation state threat actors. Every business needs to be ready for it.
The Netherlands – Raven Hengelsport
https://www.theregister.com/2021/07/27/azure_blob_raven_hengelsport/Exploit: Misconfiguration
Raven Hengelsport: Specialty Fishing Supply
Risk to Business: 1.602 = Severe
Dutch fishing supply specialist Raven Hengelsport left details of around 246,000 customers visible to anyone on a misconfigured Microsoft Azure cloud server for months. That server, hosting 18GB of company data covering at least 246,000 customers across 450,000 records, was discovered by security researchers and had purportedly been wide open for months. Even after researchers attempted to contact the company it took a long time for them to do anything about it.
Individual Risk: 2.416 = Moderate
The bonanza of information contained customer IDs, delivery dates, discounts, shipping fees, payments and shipment tracking numbers as well as PII like names, surnames, addresses, genders, phone numbers, email addresses and business names.
How it Could Affect Your Business: Mistakes like this are only compounded by blunders in the response. It shows clients that you aren’t concerned about their security if you aren’t concerned about yours.