InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Florida Department for Economic Opportunity (DEO)
https://stpetecatalyst.com/zaps/floridas-deo-warns-of-unemployment-data-breach-affecting-nearly-58000/Exploit: Hacking
Florida Department for Economic Opportunity (DEO): State Government Agency
Risk to Business: 2.550 = Severe
Records from more than 58,000 Florida unemployment accounts have been stolen in a data breach. The information was stolen in a suspected malicious insider incident, although details are sketchy. The stolen information was contained in the DEO’s online unemployment benefit system, called CONNECT, and the records stolen fall between April 27 and July 16, 2021. The incident is still under investigation.
Individual Risk: 1.663= Severe
Exposed information includes social security numbers, bank account information and other personal details that users may have stored in CONNECT. The DEO purchased a year’s subscription of LifeLock Identify protector services for all those affected.
How It Could Affect Your Business: Personal data is the cybercriminal’s bread and butter, especially when financial information is involved because it is quickly saleable in the busy dark web data markets.
Yale New Haven Health
Exploit: Third-Party Data BreachYale New Haven Health: Medical System
Risk to Business: 1.716 = Severe
Patients at Yale New Haven Health are being warned that their information has been stolen in an incident at a third-party vendor, Elekta. That company facilitates cancer treatments and was the victim of a ransomware attack just a few weeks ago that is rippling out to catch many medical institutions. Yale New Haven Health contends that hackers had no access to patient medical records, and a very small number of customers had financial information stolen.
Risk to Individual: 2.601 = Severe
Officials said that certain demographic information such as names, addresses, phone numbers, emails, Social Security numbers, treatment locations and preferred languages were included in the Elekta databases impacted by the breach. A small group of people may have had their financial information exposed. Anyone with information that could have been exposed will be notified by mail and people who may have had their financial information exposed will be offered complimentary credit monitoring service.
How it Could Affect Your Business: Medical data is some of the hottest data to sell in dark web markets, earning cybercriminals a substantial profit and this company a substantial HIPAA fine.
Mobile County, Alabama
https://www.wkrg.com/news/mobile-county-commission-notifies-employees-of-data-breach/
Exploit: HackingMobile County, Alabama: Local Government
Risk to Business: 2.223=Severe
The Mobile County Commission has officially notified county employees of a computer system breach where employee data and sensitive information were at risk the county has announced that certain computer systems were subject to unauthorized access on May 24, 2021, culminating in employee information at risk. This is a developing situation as the investigation winds down. The county had initially stated that no sensitive information was exposed.
Individual Risk: 2.223=Severe
Mobile County alerted all employees, more than 1,600 people, that their information may have been exposed including Social Security numbers, dates of birth and other sensitive information. Also at risk, health insurance contract numbers for employees subscribed to receive health coverage and routing numbers for employees enrolled in direct deposit with the county.
How it Could Affect Your Business: Even a small amount of data is attractive to data thieves who especially love vital information and financial data.
United Kingdom – Guntrader
https://www.theregister.com/2021/07/23/guntrader_hacked_111k_users_sql_database/Exploit: Hacking
Guntrader: Gun Ownership Management System
Risk to Business: 1.705 = Severe
Hackers hit a website used for buying and selling firearms in the UK making off with a 111,000-entry database containing partial information from a CRM product used by gun shops across the UK. The SQL database powered both the Guntrader.uk buy-and-sell website and its electronic gun shop register product, comprising about 111,000 users and dating between 2016 and 17 July this year. The Information Commissioner’s Office was informed and an investigation is underway.
Individual Risk: 1.622 = Severe
The database that the hackers scored provided a wealth of information about firearms enthusiasts in the UK including names, mobile phone numbers, email addresses, user geolocation data, and more including bcrypt-hashed passwords.
How it Could Affect Your Business: Hackers are always in the market for fresh data, and this kind of information will net them a hefty profit fast.
Florida Department for Economic Opportunity (DEO)
https://stpetecatalyst.com/zaps/floridas-deo-warns-of-unemployment-data-breach-affecting-nearly-58000/Exploit: Hacking
Florida Department for Economic Opportunity (DEO): State Government Agency
Risk to Business: 2.550 = Severe
Records from more than 58,000 Florida unemployment accounts have been stolen in a data breach. The information was stolen in a suspected malicious insider incident, although details are sketchy. The stolen information was contained in the DEO’s online unemployment benefit system, called CONNECT, and the records stolen fall between April 27 and July 16, 2021. The incident is still under investigation.
Individual Risk: 1.663= Severe
Exposed information includes social security numbers, bank account information and other personal details that users may have stored in CONNECT. The DEO purchased a year’s subscription of LifeLock Identify protector services for all those affected.
How It Could Affect Your Business: Personal data is the cybercriminal’s bread and butter, especially when financial information is involved because it is quickly saleable in the busy dark web data markets.
Yale New Haven Health
Exploit: Third-Party Data BreachYale New Haven Health: Medical System
Risk to Business: 1.716 = Severe
Patients at Yale New Haven Health are being warned that their information has been stolen in an incident at a third-party vendor, Elekta. That company facilitates cancer treatments and was the victim of a ransomware attack just a few weeks ago that is rippling out to catch many medical institutions. Yale New Haven Health contends that hackers had no access to patient medical records, and a very small number of customers had financial information stolen.
Risk to Individual: 2.601 = Severe
Officials said that certain demographic information such as names, addresses, phone numbers, emails, Social Security numbers, treatment locations and preferred languages were included in the Elekta databases impacted by the breach. A small group of people may have had their financial information exposed. Anyone with information that could have been exposed will be notified by mail and people who may have had their financial information exposed will be offered complimentary credit monitoring service.
How it Could Affect Your Business: Medical data is some of the hottest data to sell in dark web markets, earning cybercriminals a substantial profit and this company a substantial HIPAA fine.
Mobile County, Alabama
https://www.wkrg.com/news/mobile-county-commission-notifies-employees-of-data-breach/
Exploit: HackingMobile County, Alabama: Local Government
Risk to Business: 2.223=Severe
The Mobile County Commission has officially notified county employees of a computer system breach where employee data and sensitive information were at risk the county has announced that certain computer systems were subject to unauthorized access on May 24, 2021, culminating in employee information at risk. This is a developing situation as the investigation winds down. The county had initially stated that no sensitive information was exposed.
Individual Risk: 2.223=Severe
Mobile County alerted all employees, more than 1,600 people, that their information may have been exposed including Social Security numbers, dates of birth and other sensitive information. Also at risk, health insurance contract numbers for employees subscribed to receive health coverage and routing numbers for employees enrolled in direct deposit with the county.
How it Could Affect Your Business: Even a small amount of data is attractive to data thieves who especially love vital information and financial data.
United Kingdom – Guntrader
https://www.theregister.com/2021/07/23/guntrader_hacked_111k_users_sql_database/Exploit: Hacking
Guntrader: Gun Ownership Management System
Risk to Business: 1.705 = Severe
Hackers hit a website used for buying and selling firearms in the UK making off with a 111,000-entry database containing partial information from a CRM product used by gun shops across the UK. The SQL database powered both the Guntrader.uk buy-and-sell website and its electronic gun shop register product, comprising about 111,000 users and dating between 2016 and 17 July this year. The Information Commissioner’s Office was informed and an investigation is underway.
Individual Risk: 1.622 = Severe
The database that the hackers scored provided a wealth of information about firearms enthusiasts in the UK including names, mobile phone numbers, email addresses, user geolocation data, and more including bcrypt-hashed passwords.
How it Could Affect Your Business: Hackers are always in the market for fresh data, and this kind of information will net them a hefty profit fast.
Campbell Conroy & O’Neil, P.C. (Campbell)
https://www.bleepingcomputer.com/news/security/ransomware-hits-law-firm-counseling-fortune-500-global-500-companies/Exploit: Ransomware
Campbell Conroy & O’Neil, P.C. (Campbell): Law Firm
Risk to Business: 1.201= Extreme
Campbell Conroy & O’Neil, P.C. (Campbell), a law firm that counts dozens of Fortune 500 and Global 500 companies among its clientele, has disclosed a data breach following a February 2021 ransomware attack. The firm’s client list includes high-profile companies from various industry sectors, including automotive, aviation, energy, insurance, pharmaceutical, retail, hospitality, and transportation. At the time, it was unclear if client data had been stolen, but the investigation has since determined that client data was stolen.
Individual Risk: 1.963= Severe
The crooks made off with data about clients including names, dates of birth, driver’s license numbers, state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data. Usernames and passwords were also snatched. and/or online account credentials (i.e. usernames and passwords).” The firm24 months of free access to credit monitoring, fraud consultation, and identity theft restoration services to all individuals whose Social Security numbers or equivalent information was exposed during the attack
How It Could Affect Your Business: This data abiut major companies and powerful business executives is cybercriminal gold and quickly saleable in the busy dark web data markets.
Forefront Dermatology S.C.
https://www.databreachtoday.com/dermatology-clinic-chain-breach-affects-24-million-a-17074Exploit: Ransomware
Forefront Dermatology S.C.: Medical Network
Risk to Business: 2.216 = Severe
Forefront Dermatology S.C, a Wisconsin-based dermatology practice with affiliated offices in 21 states plus Washington, D.C., is notifying 2.4 million patients, employees and clinicians of a ransomware incident it recently experienced. Cuba ransomware is believed to be the culprit. The incident is the third-largest healthcare breach of 2021 so far. Xperts who spotted the data dump on a darknet site said that it was approximately 47 MB, including more than 130 files with information on the entity’s system and network, with security and backup details, and all their logins for vendor sites.
Risk to Individual: 2.462 = Severe
The company has announced that potentially compromised patient, clinician and employee information includes name, address, date of birth, patient account number, health insurance plan member ID number, medical record number, dates of service, provider names, and/or medical and clinical treatment information.
How it Could Affect Your Business: Medical data is some of the hottest product to sell in dark web markets, earning cybercriminals a substantial profit and this company a substatial HIPAA fine.
Guess
https://www.zdnet.com/article/guess-announces-breach-of-employee-ssns-and-financial-data-after-darkside-attack/Exploit: Ransomware
Guess: Fashion Brand
Risk to Business: 2.223=Severe
Fashion brand Guess, known for their salacious 90’s advertising campaigns, was hit with a ransomware attack from an unexpected source: Darkside. Sources are mixed as to whether this is a new operation or an old one just coming to light. Guess would not confirm that the incident occurred, but dark web researchers uncovered 200 GB of data from the fashion brand on a leak site. No consumer financial information was reported as stolen.
Customers Impacted: Unknown
How it Could Affect Your Business: Proproetary data about businesses and their products is a hot seller on the dark web, especially if blueprints, formulas or similar information is included.
Mint Mobile
https://www.bleepingcomputer.com/news/security/mint-mobile-hit-by-a-data-breach-after-numbers-ported-data-accessed/Exploit: Hacking
Mint Mobile: Mobile Network Carrier
Risk to Business: 1.575 = Severe
California-based Mint Mobile has disclosed a data breach. The company says that an unauthorized person gained access to their data including subscribers’ account information. The miscreants also ported phone numbers to another carrier.
Individual Risk: 1.502 = Severe
Exposed client data may include name, address, telephone number, email address, password, bill amount, international call detail information, telephone number, account number and subscription features.
How it Could Affect Your Business: Hackers are always in the market for fresh data, and this kind of prorietary information is a goldmine for them.
United Kingdom – Northern Railway
Exploit: RansomwareNorthern Trains: Government-Run Transportation Authority
Risk to Business: 1.302 = Extreme
Railway passengers in Northern England got an unpleasant surprise when they discovered that ticket machines on Northern Trains’ network were knocked offline following a ransomware attack. Run by the British government, Northern Trains said no customer or payment data had been compromised, and that customers could still buy tickets online.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks againts utilities and quasi-utility infrastructure have been steadily increasing, and businesses in those sectors need to step up their protection to stay safe.
Ecuador – Corporación Nacional de Telecomunicación (CNT)
https://www.bleepingcomputer.com/news/security/ecuadors-state-run-cnt-telco-hit-by-ransomexx-ransomware/Exploit: Hacking
Corporación Nacional de Telecomunicación (CNT): State Run Telecommunications Utility
Risk to Business: 1.919 = Severe
Ecuador’s state-run Corporación Nacional de Telecomunicación (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal and customer support. This company provides telecommunications services including fixed-line phone service, mobile, satellite TV, and internet connectivity. The attack has shut online payment systems down. RansomEXX is suspected to be the culprit. An investigation and systems restoration is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Business: Customer satisfaction is bound to be severely impacted by the loss of online payment systems.
Campbell Conroy & O’Neil, P.C. (Campbell)
https://www.bleepingcomputer.com/news/security/ransomware-hits-law-firm-counseling-fortune-500-global-500-companies/Exploit: Ransomware
Campbell Conroy & O’Neil, P.C. (Campbell): Law Firm
Risk to Business: 1.201= Extreme
Campbell Conroy & O’Neil, P.C. (Campbell), a law firm that counts dozens of Fortune 500 and Global 500 companies among its clientele, has disclosed a data breach following a February 2021 ransomware attack. The firm’s client list includes high-profile companies from various industry sectors, including automotive, aviation, energy, insurance, pharmaceutical, retail, hospitality, and transportation. At the time, it was unclear if client data had been stolen, but the investigation has since determined that client data was stolen.
Individual Risk: 1.963= Severe
The crooks made off with data about clients including names, dates of birth, driver’s license numbers, state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data. Usernames and passwords were also snatched. and/or online account credentials (i.e. usernames and passwords).” The firm24 months of free access to credit monitoring, fraud consultation, and identity theft restoration services to all individuals whose Social Security numbers or equivalent information was exposed during the attack
How It Could Affect Your Business: This data abiut major companies and powerful business executives is cybercriminal gold and quickly saleable in the busy dark web data markets.
Forefront Dermatology S.C.
https://www.databreachtoday.com/dermatology-clinic-chain-breach-affects-24-million-a-17074Exploit: Ransomware
Forefront Dermatology S.C.: Medical Network
Risk to Business: 2.216 = Severe
Forefront Dermatology S.C, a Wisconsin-based dermatology practice with affiliated offices in 21 states plus Washington, D.C., is notifying 2.4 million patients, employees and clinicians of a ransomware incident it recently experienced. Cuba ransomware is believed to be the culprit. The incident is the third-largest healthcare breach of 2021 so far. Xperts who spotted the data dump on a darknet site said that it was approximately 47 MB, including more than 130 files with information on the entity’s system and network, with security and backup details, and all their logins for vendor sites.
Risk to Individual: 2.462 = Severe
The company has announced that potentially compromised patient, clinician and employee information includes name, address, date of birth, patient account number, health insurance plan member ID number, medical record number, dates of service, provider names, and/or medical and clinical treatment information.
How it Could Affect Your Business: Medical data is some of the hottest product to sell in dark web markets, earning cybercriminals a substantial profit and this company a substatial HIPAA fine.
Guess
https://www.zdnet.com/article/guess-announces-breach-of-employee-ssns-and-financial-data-after-darkside-attack/Exploit: Ransomware
Guess: Fashion Brand
Risk to Business: 2.223=Severe
Fashion brand Guess, known for their salacious 90’s advertising campaigns, was hit with a ransomware attack from an unexpected source: Darkside. Sources are mixed as to whether this is a new operation or an old one just coming to light. Guess would not confirm that the incident occurred, but dark web researchers uncovered 200 GB of data from the fashion brand on a leak site. No consumer financial information was reported as stolen.
Customers Impacted: Unknown
How it Could Affect Your Business: Proproetary data about businesses and their products is a hot seller on the dark web, especially if blueprints, formulas or similar information is included.
Mint Mobile
https://www.bleepingcomputer.com/news/security/mint-mobile-hit-by-a-data-breach-after-numbers-ported-data-accessed/Exploit: Hacking
Mint Mobile: Mobile Network Carrier
Risk to Business: 1.575 = Severe
California-based Mint Mobile has disclosed a data breach. The company says that an unauthorized person gained access to their data including subscribers’ account information. The miscreants also ported phone numbers to another carrier.
Individual Risk: 1.502 = Severe
Exposed client data may include name, address, telephone number, email address, password, bill amount, international call detail information, telephone number, account number and subscription features.
How it Could Affect Your Business: Hackers are always in the market for fresh data, and this kind of prorietary information is a goldmine for them.
United Kingdom – Northern Railway
Exploit: RansomwareNorthern Trains: Government-Run Transportation Authority
Risk to Business: 1.302 = Extreme
Railway passengers in Northern England got an unpleasant surprise when they discovered that ticket machines on Northern Trains’ network were knocked offline following a ransomware attack. Run by the British government, Northern Trains said no customer or payment data had been compromised, and that customers could still buy tickets online.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks againts utilities and quasi-utility infrastructure have been steadily increasing, and businesses in those sectors need to step up their protection to stay safe.
Ecuador – Corporación Nacional de Telecomunicación (CNT)
https://www.bleepingcomputer.com/news/security/ecuadors-state-run-cnt-telco-hit-by-ransomexx-ransomware/Exploit: Hacking
Corporación Nacional de Telecomunicación (CNT): State Run Telecommunications Utility
Risk to Business: 1.919 = Severe
Ecuador’s state-run Corporación Nacional de Telecomunicación (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal and customer support. This company provides telecommunications services including fixed-line phone service, mobile, satellite TV, and internet connectivity. The attack has shut online payment systems down. RansomEXX is suspected to be the culprit. An investigation and systems restoration is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Business: Customer satisfaction is bound to be severely impacted by the loss of online payment systems.
Northwestern Memorial HealthCare
https://portswigger.net/daily-swig/data-breach-at-third-party-provider-exposes-medical-information-of-us-healthcare-patientsExploit: Third-Party Data Breach
Northwestern Memorial HealthCare: Hospital System
Risk to Business: 1.771= Severe
A data breach at a third-party provider, Elekta, has potentially exposed the private medical information of patients at Northwestern Memorial HealthCare (NMHC) providers. Unknown cybercriminals were able to access a database owned by Elekta, a company that provides a cloud-based platform that handles legally required cancer reporting to the State of Illinois. Those potentially affected are patients of Northwestern Medicine Central DuPage Hospital, Northwestern Medicine Delnor Community Hospital, Northwestern Medicine Huntley Hospital, Northwestern Medicine Kishwaukee Hospital, Northwestern Medicine Lake Forest Hospital, Northwestern Medicine McHenry Hospital, Northwestern Memorial Hospital, Northwestern Medicine Valley West Hospital and Northwestern Medicine Valley West Hospital.
Individual Risk: 1.603= Severe
The hospital system has announced that attackers made a copy of datasets, which include patient names, dates of birth, Social Security numbers, health insurance information, and medical record numbers. The database also contained clinical information related to cancer treatment, including medical histories, physician names, dates of service, treatment plans, diagnoses, and/or prescription information.
How It Could Affect Your Business: Proprietary data like this is cybercriminal gold. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.
Morgan Stanley
https://www.bleepingcomputer.com/news/security/morgan-stanley-reports-data-breach-after-vendor-accellion-hack/Exploit: Third-Party Data Breach
Morgan Stanley: Financial Services Firm
Risk to Business: 2.216 = Severe
Morgan Stanley has reported a third-party data breach after attackers reportedly stole customer data by hacking into the Accellion FTA server of a third-party vendor. That vendor, Guidehouse, is a third-party vendor that provides account maintenance services to Morgan Stanley’s StockPlan Connect business. Guidehouse notified the investment banking company in May 2021 that attackers had accessed its Accellion FTA server. The Clop ransomware gang claimed responsibility for the original Accellion hack.
Risk to Individual: 2.462 = Severe
Morgan Stanley says that the information stolen in this incident does not include financial information but does include stock plan participants’ names, addresses (last known address), dates of birth, social security numbers and corporate/company names. The files stolen from Guidehouse’s FTA server did not contain password information or credentials that the threat actors could use to gain access to impacted Morgan Stanley customers’ financial accounts.
How it Could Affect Your Business: Ransomware can have ripple consequences that complicate response for everyone involved, creating unexpected risk.
Republican National Committee (RNC)
https://www.bloomberg.com/news/articles/2021-07-06/russian-state-hackers-breached-republican-national-committeeExploit: Nation-State Cybercrime
Republican National Committee (RNC): Political Organization
Risk to Business: 2.223=Severe
Russian-aligned nation-state cybercriminals hacked into the Republican National Committee last week. Initially dismissive of the hack, RNC officials ultimately admitted that their security had been breached. However, those officials attributed the hack to a data security incident at a subcontractor, Synnex. The RNC announced that they are working with experts at Microsoft to investigate this incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Reviewing potential avenues of risk can help you and your customers make a strong defensive plan.
GETTR
https://therecord.media/gettr-leaks-email-addresses-and-user-details-in-api-security-snafu/Exploit: Hacking
GETTR: Social Media Platform
Risk to Business: 1.575 = Severe
A hacker has reported that they have breached GETTR, a new right-wing social media platform popular with personalities who have been banned from mainstream social media. The data was purportedly collected in two batches, on July 1 and July 5. According to copies of the leaked file and the leaker’s claims, the first batch of the stolen data was collected through scraping on July 1 and the second batch was obtained through endpoint exploitation. The sum of the data collected in both leaks is estimated at more than 90,065 user profiles.
Individual Risk: 1.502 = Severe
According to the hackers, the snatched data included information such as real names, profile descriptions, site usernames, along with other public information, but also non-public information such as a user’s email address, birth year, and location information.
How it Could Affect Your Business: Strong endpoint security and security awareness training are vital for the success of security plans
Switzerland – Comparis
https://www.reuters.com/technology/ransomware-attack-hits-swiss-consumer-outlet-comparis-2021-07-09/Exploit: Hacking
Comparis: Shopping Platform
Risk to Business: 1.302 = Extreme
Swiss online consumer outlet Comparis has disclosed a ransomware attack by filing a criminal complaint. The attack purportedly blocked some of the information technology systems, causing scattered disruptions for several days. Sister company Credaris, a financial services provider that uses the same server environment, may also have experienced unconfirmed malicious access to unspecified information. According to the hackers, the snatched data included information such as real names, profile descriptions, site usernames, along with other public information, but also non-public information such as a user’s email address, birth year, and location information.
Customers Impacted: Unknown
How it Could Affect Your Business: Personal data is gold in dark web markets, and cybercriminals are hungry to find new stores of it to sell.
Germany – Spreadshop
https://www.privacysharks.com/spreadshop-hit-by-cyber-attack-payment-details-emails-and-passwords-breached/Exploit: Hacking
Spreadshop: Shopping Platform
Risk to Business: 1.919 = Severe
German merchandise platform Spreadshop has disclosed that on July 8th, 2021, it was the victim of a malicious cyberattack. The company confirmed that personal user data, including bank account details, were compromised. The platform is the commerce arm of a web of businesses that also includes Spreadshirt and TeamShirts.
Individual Risk: 2.271 = Severe
According to a statement from Spreadshop, the compromised data includes address and contractual data belonging to customers, partners, employees and external suppliers. Also affected are the payment details of a small number of customers who made payments to Spreadshirt, Spreadshop, or TeamShirts via bank transfer or who have received a refund via bank transfer.
How it Could Affect Your Business: If client data was impacted, GDPR carries stiff penalties for customer data loss and those continue to climb.
India – Technisanct
https://ciso.economictimes.indiatimes.com/news/data-breach-in-trading-platform/83829525Exploit: Hacking
Technisanct: Trading Platform
Risk to Business: 2.801 = Moderate
Big data startup Technisanct has disclosed a data breach in a trading platform that it operates in India. Information from over 3.4 million customers was compromised. The security breach was identified by Technisanct’s digital risk monitoring tool. Researchers have reported that the pilfered data was for sale in an online platform dedicated to these kinds of transactions, and some of the information was published on June 15.
Idividual Risk: 2.766 = Moderate
The company has disclosed that Personal Identifiable Information (PII) was exposed including name, customer ID, contact number, email ID, trade login ID, branch ID, city and country.
How it Could Affect Your Business: PII was the second most popular category of data in dark web markets last year according to the Verizon/Ponemon DBIR 2021 report.
Taiwan – Adata
https://www.bleepingcomputer.com/news/security/adata-suffers-700-gb-data-leak-in-ragnar-locker-ransomware-attack/Exploit: Ransomware
Adata: Computer Chip Maker
Risk to Business: 1.801 = Severe
The Ragnar Locker ransomware gang has announced that they’ve acquired more than 700GB of archived data stolen from Taiwanese memory and storage chip maker ADATA. A set of 13 archives, allegedly containing sensitive ADATA files, have been publicly available at a cloud-based storage service, at least for some time. According to reports, the largest archive is close to 300GB, and the second largest is 117GB and the archives likely contain corporate financial information, non-disclosure agreements and sales data.
Customers Impacted: Unknown
How it Could Affect Your Business: That’s a huge trove of data that will be very popular in hacker marketplaces.