InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Cognyte
https://beta.darkreading.com/attacks-breaches/cyber-analytics-database-exposed-5-billion-records-onlineExploit: Unsecured Database
Cognyte: Data Analytics Firm
Risk to Business: 1.802= Severe
Data analytics company Cognyte warns folks about data exposure from third-party sources, and it had to send one out for itself this week. Researchers discovered an unsecured database operated by Cognyte that left some 5 billion records collected from a range of data incidents exposed online. The stored data is part of Cognyte’s cyber intelligence service, which is used to alert customers to third-party data exposures. The incident is under investigation.
Customers Impacted: Unknown
How It Could Affect Your Business: Proprietary like this is catnip for hackers. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.
Invenergy LLC
https://www.infosecurity-magazine.com/news/revil-claims-responsibility-for/Exploit: Ransomware
Invenergy LLC: Energy Company
Risk to Business: 1.916 = Severe
REvil has claimed responsibility for a recent cyberattack on renewable energy company Invenergy. The gang claims to have compromised the company’s computer systems and exfiltrated four terabytes of data. Among the information allegedly taken by REvil are contracts and project data. In a bizarre twist, REvil also claims to have obtained “very personal and spicy” information regarding Invenergy’s chief executive officer, Michael Polsky.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks against strategic targets are hot right now as ransomware gangs try to score a big payday fast from targets that can’t afford downtime.
CVS
https://www.zdnet.com/article/billions-of-records-belonging-to-cvs-health-exposed-online/#ftag=RSSbaffb68Exploit: Thitd-Party Threat (Misconfiguration)
CVS: Drug Store Chain
Risk to Business: 1.416= Extreme
CVS is in hot water after researchers discovered a trove of over one billion records online that were connected to the US healthcare and pharmaceutical giant. The unsecured databasewas extimated to be 204GB in size. According to reports, the databases contained an astonishing assortment of sensitive data like event and configuration data, visitor IDs, session IDs, device access information and details on how the logging system operated from the backend. Search records exposed also included queries for medications, COVID-19 vaccines and a variety of CVS products, referencing both CVS Health and CVS.com.
Customers Impacted: Unknown
How it Could Affect Your Business: Every company needs to make it a priority to be certain that their contractors and partners are handling and storing sensitive data correctly. Poor cyber hygiene at a service provider can become an expensive disaster fast.
Wegman’s
https://www.bleepingcomputer.com/news/security/us-supermarket-chain-wegmans-notifies-customers-of-data-breach/Exploit: Third-Party Threat (Misconfiguration)
Wegman’s: Grocery Store Chain
Risk to Business: 2.227= Severe
East Coast gourmet grocer Wegmans issued a release announcing that a service provider had failed to correctly configure two of its databases, exposing a large quantity of customer data. According to Wegmans, the databases that the contractor maintained contained customer identity and shopping habit information as well as an assortment of client PII. The company says the issue is resolved.
Risk to Business: 2.776 = Moderate
The release says that customer information exposed in the data breach included names, addresses, phone numbers, birth dates, Shoppers Club numbers, Wegmans.com account e-mail addresses and passwords. No Social Security, financial or medical information was stolen and only salted password hashes were stored in the databases maintained by the negligent contractor.
How it Could Affect Your Business: Clients expect a high level of information security from companies that they trust with their personal information and excuses about errors by contractors aren’t going to get businesses off the hook if there’s trouble.
Carnival Cruise Line
https://www.scmagazine.com/home/email-security/carnival-discloses-new-data-breach-on-email-accounts/
Exploit: HackingCarnival Cruise Lines: Cruise Ship Operator
Risk to Business: 1.651= Severe
Perennially cybersecurity challenged cruise line Carnival issued a breach disclosure on Thursday confirming hackers attacked email accounts and gained access to data about its customers and employees. The company said that the data snatched was collected during the travel booking process, through the course of employment or from providing services to the company, including COVID or other safety testing.
Risk to Business: 1.802= Severe
The poassenger data accessed included names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like social security or national identification numbers. No clear information was provided about the employee information that was exposed.
How it Could Affect Your Business: This is the third major cybersecurity blunder for Carnival in just one year, and that is likely to create a great deal of mistrust with consumers just as the travel industry is getting back on it’s feet.
United Kingdom – Cake Box
https://www.bleepingcomputer.com/news/security/eggfree-cake-box-suffer-data-breach-exposing-credit-card-numbers/Exploit: Hacking
Cake Box: Bakery Chain
Risk to Business: 1.661 = Severe
UK celebration cake chain Cake Box isn’t celebrating this week. The company has disclosed a data breach after threat actors hacked their website and obtained credit card numbers. According to the release, the breach occurred way back in April 2020 and they’re just informing consumers. Payment skimming malware is to blame. Experts suspect that this breach is the result of a Magecart attack.
Individual Risk 2.802 = Severe
When customers made purchases on the site while it was infected malicious scripts sent the first name and surname, email address, postal address, and payment card information including the three-digit CVV code to a remote server controlled by the attackers. This is an ancient breach in terms of the time it took for consumers to be informed, and the damage has definitely already been done.
How it Could Affect Your Business: There is no excuse for waiting more than a year to inform customers that their data has been stolen, especially financial data like credit card numbers. This incident will shake consumer confidence in the brand.
South Korea – Korea Atomic Energy Research Institute (KAERI)
https://www.theregister.com/2021/06/21/south_koreas_nuclear_think_tank/Exploit: Nation-State Cybercrime
Korea Atomic Energy Research Institute (KAERI): Government Agency
Risk to Business: 1.633 = Severe
South Korean officials have admitted that the government nuclear think tank Korea Atomic Energy Research Institute (KAERI) was hacked by nation-state threat actors in May 2021 after the incident was brought to light by reporters. The Korean media is accusing the agency of perpetrating a cover-up. According to experts, the North Korean Kimusky cybercrime gang is to blame. This group often uses phishing to mimic websites like Gmail, Outlook, Telegram and more. The group then installs Android and Windows backdoor “AppleSeed” to collect information and frequently makes use of ransomware. The extent of the data theft is unknown.
Customers Impacted: Unknown
How it Could Affect Your Business: Nation-state threat actors frequently use phishing and ransomware to get the job done, and no matter how big or small, no organization is safe.
Electronic Arts Inc (EA)
https://www.reuters.com/business/hackers-steal-wealth-data-ea-vice-2021-06-10/Exploit: Hacking
Electronic Arts Inc: Game Developer
Risk to Business: 1.355= Extreme
Electronic Arts (EA) has announced that it is investigating a data breach. Cybercriminals stole valuable corporate data from the company including game source code and related tools. Early reports noted that hackers had stolen source codes for the popular title “FIFA 21” and source code and tools for the Frostbite engine. Researchers estimate that 780 gigabytes of data was snatched then advertised for sale on underground hacking forums.
How It Could Affect Your Business: Hackers are always interested in proprietary data and corporate secrets, the 3rd most popular category for theft. They’re easy money in the busy dark web data markets.
Edward Don
Exploit: RansomwareEdward Don: Foodservice Distributor
Risk to Business: 1.816 = Severe
Foodservice equipment distributor Edward Don has been hit by a ransomware attack. The incident has disrupted their business operations, including their phone systems, network and email. As a result, employees have been driven to using personal Gmail accounts to communicate with customers regarding urgent orders or fulfillment issues. The incident is under investigation and full functionality was quickly restored,
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks against strategic targets like this are becoming all too common as ransomware gangs seek to cause maximum buzz for maximum profit.
McDonald’s Corp
https://www.reuters.com/technology/mcdonalds-hit-by-data-breach-south-korea-taiwan-wsj-2021-06-11/Exploit: Ransomware
McDonald’s Corp: Fast Food Chain
Risk to Business: 2.606= Moderate
McDonald’s Corp. said hackers exposed US business information and some customer data in South Korea and Taiwan. The attackers accessed e-mails, phone numbers and delivery addresses. The company reported that it had hired external consultants to investigate unauthorized activity on an internal security system, prompted by a specific incident in which the unauthorized access was cut off a week after it was identified. The announcement noted that the burger chain does not believe any customer payment data was stolen but cautioned that there may be employee data exposed.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks that focus on obtaining corporate or business data are increasingly troubling because each one adds more sensitive data to the dark web that can be used against
Intuit
https://www.bleepingcomputer.com/news/security/intuit-notifies-customers-of-compromised-turbotax-accounts/Exploit: Account Takeover (ATO)
Intuit: Financial Software Developer
Risk to Business: 1.612= Severe
Accounting software giant Intuit has notified customers that they have suffered a breach. The company warned users of TurboTax that their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks. Intuit announced that the threat actors used credentials (usernames and passwords) obtained from “a non-Intuit source” to gain access to the accounts.
Risk to Business: 1.832= Severe
Intuit notified potentially impacted clients by mail that information contained in a prior year’s tax return or current tax returns in progress including their name, Social Security number, address(es), date of birth, driver’s license number and financial information (e.g., salary and deductions) and information of other individuals contained in the tax return may have been exposed.
How it Could Affect Your Business: Clients expect a high level of information security from companies that they trust with their personal and financial information, and may stop doing business with companies that fail to protect it.
Sol Oriens
https://www.techtimes.com/amp/articles/261472/20210615/revil-hacking-group-s-ransomware-attack-nuclear-weapons-contractor-sol.htmExploit: Ransomware
Sol Oriens: Defense Contractor
Risk to Business: 2.337= Severe
REvil has struck again, this time against a tiny but important target in the defense sector. Sol Oriens, which consults for the US Department of Energy’s National Nuclear Safety Administration, is a 50-person firm based in Albuquerque, New Mexico. Researchers noted finding Sol Oriens documents posted on the dark web, told CNBC that they include invoices for NNSA contracts, descriptions of research and development projects managed by defense and energy contractors dated as recently as 2021
Customers Impacted: Unknown
How it Could Affect Your Business: This seemingly small attack could pack big consequences. Ransomware gangs have been increasingly focused on hitting strategic targets that service major clients.
Volkswagen Group of America
https://www.reuters.com/business/autos-transportation/vw-says-data-breach-vendor-impacted-33-million-people-north-america-2021-06-11/Exploit: Third- Party Data Breach
Volkswagen Group of America: Automotive Manufacturer
Risk to Business: 1.825 = Severe
Volkswagen US has announced that it has suffered a data breach impacting millions of US customers and prospective customers. the car company released information saying that a data breach at a vendor has exposed data on more than 3.3 million buyers and prospective buyers in North America. An unauthorized third party obtained limited personal information about customers and interested buyers from a vendor that its Audi Volkswagen brands and some U.S. and Canadian dealers used for digital sales and marketing.
Risk to Business: 2.213 = Severe
The information was gathered for sales and marketing between 2014 and 2019 and was in an electronic file the vendor left unsecured. According to Volkswagen, the majority of people impacted had phone numbers and email addresses exposed, but some clients had their driver’s license information stolen as well. In some cases, information about a vehicle purchased, leased, or inquired about was also obtained. VW said 90,000 Audi customers and prospective buyers also had sensitive data impacted relating to purchase or lease eligibility. VW said it will offer free credit protection services to those individuals.
How it Could Affect Your Business: Attacks on data processors and other essential service providers have escalated as cybercriminals look for big data scores and information that facilitates more cybercrimes.
New York City Law Department
https://www.nytimes.com/2021/06/07/nyregion/cyberattack-law-department-nyc.html
Exploit: RansomwareNew York City Law Department: Municipal Government Agency
Risk to Business: 1.633 = Severe
The New York City Law Department experienced a cyberattack that impacted its computer systems, forcing it to shut down its technology. The network also had to be disconnected from other city systems for safety. Systems are being restored slowly and the FBI is investigating along with New York police.
Customers Impacted: Unknown
How it Could Affect Your Business: Attacks that strike at government and infrastructure targets frequently use ransomware to get the job done, and no matter how big or small, no organization is safe.
Carter’s
https://threatpost.com/baby-clothes-carters-leaks-customer-records/166866/Carter’s: Children’s Clothier
Exploit: Third Party Data Breach
Risk to Business: 2.331 = Severe
In a new disclosure, baby clothing giant Carter’s admitted that it had suffered a data breach through a third-party data processor. This exposed the personal data of hundreds of thousands of its customers over a multiyear period. The service provider, Linc, handled automation for online purposes. The Linc system was used to send customers shortened URLs containing everything from purchase details to tracking information without basic security protections.
Customers Impacted: Unknown
How it Could Affect Your Business: Every business has relationships with other businesses, and every relationship they have creates risk. Protecting companies from supply chain risk is imperative.
Electronic Arts Inc (EA)
https://www.reuters.com/business/hackers-steal-wealth-data-ea-vice-2021-06-10/Exploit: Hacking
Electronic Arts Inc: Game Developer
Risk to Business: 1.355= Extreme
Electronic Arts (EA) has announced that it is investigating a data breach. Cybercriminals stole valuable corporate data from the company including game source code and related tools. Early reports noted that hackers had stolen source codes for the popular title “FIFA 21” and source code and tools for the Frostbite engine. Researchers estimate that 780 gigabytes of data was snatched then advertised for sale on underground hacking forums.
How It Could Affect Your Business: Hackers are always interested in proprietary data and corporate secrets, the 3rd most popular category for theft. They’re easy money in the busy dark web data markets.
Edward Don
Exploit: RansomwareEdward Don: Foodservice Distributor
Risk to Business: 1.816 = Severe
Foodservice equipment distributor Edward Don has been hit by a ransomware attack. The incident has disrupted their business operations, including their phone systems, network and email. As a result, employees have been driven to using personal Gmail accounts to communicate with customers regarding urgent orders or fulfillment issues. The incident is under investigation and full functionality was quickly restored,
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks against strategic targets like this are becoming all too common as ransomware gangs seek to cause maximum buzz for maximum profit.
McDonald’s Corp
https://www.reuters.com/technology/mcdonalds-hit-by-data-breach-south-korea-taiwan-wsj-2021-06-11/Exploit: Ransomware
McDonald’s Corp: Fast Food Chain
Risk to Business: 2.606= Moderate
McDonald’s Corp. said hackers exposed US business information and some customer data in South Korea and Taiwan. The attackers accessed e-mails, phone numbers and delivery addresses. The company reported that it had hired external consultants to investigate unauthorized activity on an internal security system, prompted by a specific incident in which the unauthorized access was cut off a week after it was identified. The announcement noted that the burger chain does not believe any customer payment data was stolen but cautioned that there may be employee data exposed.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks that focus on obtaining corporate or business data are increasingly troubling because each one adds more sensitive data to the dark web that can be used against
Intuit
https://www.bleepingcomputer.com/news/security/intuit-notifies-customers-of-compromised-turbotax-accounts/Exploit: Account Takeover (ATO)
Intuit: Financial Software Developer
Risk to Business: 1.612= Severe
Accounting software giant Intuit has notified customers that they have suffered a breach. The company warned users of TurboTax that their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks. Intuit announced that the threat actors used credentials (usernames and passwords) obtained from “a non-Intuit source” to gain access to the accounts.
Risk to Business: 1.832= Severe
Intuit notified potentially impacted clients by mail that information contained in a prior year’s tax return or current tax returns in progress including their name, Social Security number, address(es), date of birth, driver’s license number and financial information (e.g., salary and deductions) and information of other individuals contained in the tax return may have been exposed.
How it Could Affect Your Business: Clients expect a high level of information security from companies that they trust with their personal and financial information, and may stop doing business with companies that fail to protect it.
Sol Oriens
https://www.techtimes.com/amp/articles/261472/20210615/revil-hacking-group-s-ransomware-attack-nuclear-weapons-contractor-sol.htmExploit: Ransomware
Sol Oriens: Defense Contractor
Risk to Business: 2.337= Severe
REvil has struck again, this time against a tiny but important target in the defense sector. Sol Oriens, which consults for the US Department of Energy’s National Nuclear Safety Administration, is a 50-person firm based in Albuquerque, New Mexico. Researchers noted finding Sol Oriens documents posted on the dark web, told CNBC that they include invoices for NNSA contracts, descriptions of research and development projects managed by defense and energy contractors dated as recently as 2021
Customers Impacted: Unknown
How it Could Affect Your Business: This seemingly small attack could pack big consequences. Ransomware gangs have been increasingly focused on hitting strategic targets that service major clients.
Volkswagen Group of America
https://www.reuters.com/business/autos-transportation/vw-says-data-breach-vendor-impacted-33-million-people-north-america-2021-06-11/Exploit: Third- Party Data Breach
Volkswagen Group of America: Automotive Manufacturer
Risk to Business: 1.825 = Severe
Volkswagen US has announced that it has suffered a data breach impacting millions of US customers and prospective customers. the car company released information saying that a data breach at a vendor has exposed data on more than 3.3 million buyers and prospective buyers in North America. An unauthorized third party obtained limited personal information about customers and interested buyers from a vendor that its Audi Volkswagen brands and some U.S. and Canadian dealers used for digital sales and marketing.
Risk to Business: 2.213 = Severe
The information was gathered for sales and marketing between 2014 and 2019 and was in an electronic file the vendor left unsecured. According to Volkswagen, the majority of people impacted had phone numbers and email addresses exposed, but some clients had their driver’s license information stolen as well. In some cases, information about a vehicle purchased, leased, or inquired about was also obtained. VW said 90,000 Audi customers and prospective buyers also had sensitive data impacted relating to purchase or lease eligibility. VW said it will offer free credit protection services to those individuals.
How it Could Affect Your Business: Attacks on data processors and other essential service providers have escalated as cybercriminals look for big data scores and information that facilitates more cybercrimes.
New York City Law Department
https://www.nytimes.com/2021/06/07/nyregion/cyberattack-law-department-nyc.html
Exploit: RansomwareNew York City Law Department: Municipal Government Agency
Risk to Business: 1.633 = Severe
The New York City Law Department experienced a cyberattack that impacted its computer systems, forcing it to shut down its technology. The network also had to be disconnected from other city systems for safety. Systems are being restored slowly and the FBI is investigating along with New York police.
Customers Impacted: Unknown
How it Could Affect Your Business: Attacks that strike at government and infrastructure targets frequently use ransomware to get the job done, and no matter how big or small, no organization is safe.
Carter’s
https://threatpost.com/baby-clothes-carters-leaks-customer-records/166866/Carter’s: Children’s Clothier
Exploit: Third Party Data Breach
Risk to Business: 2.331 = Severe
In a new disclosure, baby clothing giant Carter’s admitted that it had suffered a data breach through a third-party data processor. This exposed the personal data of hundreds of thousands of its customers over a multiyear period. The service provider, Linc, handled automation for online purposes. The Linc system was used to send customers shortened URLs containing everything from purchase details to tracking information without basic security protections.
Customers Impacted: Unknown
How it Could Affect Your Business: Every business has relationships with other businesses, and every relationship they have creates risk. Protecting companies from supply chain risk is imperative.
United States iConstituent
https://www.nbcnews.com/politics/congress/house-communications-vendor-compromised-ransomware-attack-n1269934Exploit: Ransomware
IConstituent: Communications Services
Risk to Business: 1.655= Severe
A major service provider to members of the US House of Representatives is recovering from a ransomware incident that has left Members scrambling. iConstituent provides constituent communications services for House offices including facilitating Member emails and newsletters. The House Chief Administrative Officer (CAO) is coordinating a response with iConstituent, and the CAO has announced that no other House data or systems have been compromised.
How It Could Affect Your Business: Ransomware against service providers has been a hot profit center for cybercriminals and they’re not letting up on potentially vulnerable targets.
United States – Cox Media Group
https://therecord.media/live-streams-go-down-across-cox-radio-tv-stations-in-apparent-ransomware-attack/Exploit: Ransomware
Cox Media Group: TV & Radio Station Operator
Risk to Business: 1.227= Extreme
A number of TV and radio stations around the US went dark briefly after a suspected ransomware attack on parent company Cox Media Group. Stations impacted included News9, WSOC, WSB, WPXI, KOKI, and almost all Cox radio stations. The Cox Media Group owns 57 radio and TV stations across 20 US markets. Internal networks and live streaming capabilities for other Cox media properties, such as web streams and mobile apps, were also impacted in the June 35r event. Service was quickly restored and the event is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks against strategic targets like this are becoming all too common as ransomware gangs seek to cause maximum buzz for maximum profit.
United States – Navistar International Corporation
https://www.reuters.com/technology/us-truck-maker-navistar-says-aware-it-breach-2021-06-07/Exploit: Ransomware
Navistar International Corporation: Specialty Vehicle Manufacturer
Risk to Business: 2.812= Moderate
Truck manufacturer Navistar International has notified the Securities and Exchange Commission (SEC) that they’ve fallen prey to a ransomware attack. Navistar makes trucks, buses and diesel engines, while its Navistar Defense subsidiary produces several US military vehicles. The company confirmed that there was data exfiltration in the suspected ransomware attack, but no details have been made available regarding the nature of that data.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.
United States – New York Metropolitan Transit Authority (M.T.A.)
https://www.nytimes.com/2021/06/02/nyregion/mta-cyber-attack.html
Exploit: Nation-State hackingNew York Metropolitan Transit Authority (M.T.A.): Regional Transport Operator
Risk to Business: 2.812= Moderate
Officials at NY M.T.A released information that their system had been the target of a cyberattack by a hacking group believed to have links to the Chinese government. According to the report, nation-state actors penetrated the Metropolitan Transportation Authority’s computer systems in April. The investigation has concluded and NY M.T.A. was able to confirm that no sensitive data or rider data was impacted.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.
United States – LineStar Integrity Services
https://www.wired.com/story/linestar-pipeline-ransomware-leak/Exploit: Ransomware
LineStar Integrity Services: Pipeline Technology Services
Risk to Business: 2.522= Severe
Cybersecurity researchers discovered that pipeline technology provider LineStar Integrity was hit in a ransomware incident at approximately the same time as Colonial Pipeline resulting in 70+GB of company data finding a new home on the dark web. LineStar Integrity Services sells auditing, compliance, maintenance, and technology services to pipeline customers and is based in Houston, TX.
Customers Impacted: Unknown
How it Could Affect Your Business: Increasing frequency off cyberattacks on service providers show that cybercriminals are taking every chance to strike against linchpins of business services.
United Kingdom – Furniture Village
https://www.theregister.com/2021/06/04/furniture_village_confirms_cyberattack/Exploit: Hacking
Furniture Village: Home Goods Retailer
Risk to Business: 1.115 = Extreme
UK home goods giant Furniture Village has confirmed that it has been suffering the impact of an unnamed cyberattack. For the past week, the company’s internal systems, as well as some customer-facing systems, have been experiencing outages. The company stated that no data appears to have been stolen. Impacted systems include included delivery systems, phone systems, and payment mechanisms.
Customers Impacted: Unknown
How it Could Affect Your Business: Attacks on older systems are often easy money for cybercriminals looking for data to sell with a low overhead and fast turnaround time.
Australia – New South Wales Health (NSW Health)
https://www.zdnet.com/article/nsw-health-confirms-data-breached-due-to-accellion-vulnerability/Exploit: Third-Party Data Breach
New South Wales Health (NSW Health): Regional Healthcare Agency
Risk to Business: 1.616 = Severe
New South Wales Health has confirmed that it is the latest organization impacted by the major cyberattack on the file transfer system owned by medical data services provider Accellion last month. The state entity said that no medical records maintained in public hospitals were affected. The agency has begun notifying people whose data may have been accessed. NSW Health has upgraded its technology to avoid future problems.
Individual Risk: 1.616 = Severe
New South Wales Health disclosed that identity information and health-related personal information were exposed for some patients. The agency is in the process of contacting people who have been impacted.
How it Could Affect Your Business: Attacks on major data processors like this puts many businesses at risk. Cybercriminals are hungry for saleable information and these places are treasure troves.
Japan – Fulifilm
https://www.bleepingcomputer.com/news/security/fujifilm-confirms-ransomware-attack-disrupted-business-operations/Exploit: Ransomware
Fujifilm: Film & Photo Technology Developer
Risk to Business: 1.922 = Severe
Legendary Japanese film technology company Fujifilm announced that it has been the victim of a ransomware attack that has impacted its operations. The purported ransomware attack led to a network outage that impacted access to email for employees, billings system and a problem reporting system. Experts believe that this attack was carried out with REvil technology. Investigation and recovery have begun and many systems have been fully restored.
Customers Impacted: Unknown
How it Could Affect Your Business: Business disruptions from ransomware attacks can be costly even if no business or customer data is stolen, and extra costs for recovery can add up.
United States iConstituent
https://www.nbcnews.com/politics/congress/house-communications-vendor-compromised-ransomware-attack-n1269934Exploit: Ransomware
IConstituent: Communications Services
Risk to Business: 1.655= Severe
A major service provider to members of the US House of Representatives is recovering from a ransomware incident that has left Members scrambling. iConstituent provides constituent communications services for House offices including facilitating Member emails and newsletters. The House Chief Administrative Officer (CAO) is coordinating a response with iConstituent, and the CAO has announced that no other House data or systems have been compromised.
How It Could Affect Your Business: Ransomware against service providers has been a hot profit center for cybercriminals and they’re not letting up on potentially vulnerable targets.
United States – Cox Media Group
https://therecord.media/live-streams-go-down-across-cox-radio-tv-stations-in-apparent-ransomware-attack/Exploit: Ransomware
Cox Media Group: TV & Radio Station Operator
Risk to Business: 1.227= Extreme
A number of TV and radio stations around the US went dark briefly after a suspected ransomware attack on parent company Cox Media Group. Stations impacted included News9, WSOC, WSB, WPXI, KOKI, and almost all Cox radio stations. The Cox Media Group owns 57 radio and TV stations across 20 US markets. Internal networks and live streaming capabilities for other Cox media properties, such as web streams and mobile apps, were also impacted in the June 35r event. Service was quickly restored and the event is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks against strategic targets like this are becoming all too common as ransomware gangs seek to cause maximum buzz for maximum profit.
United States – Navistar International Corporation
https://www.reuters.com/technology/us-truck-maker-navistar-says-aware-it-breach-2021-06-07/Exploit: Ransomware
Navistar International Corporation: Specialty Vehicle Manufacturer
Risk to Business: 2.812= Moderate
Truck manufacturer Navistar International has notified the Securities and Exchange Commission (SEC) that they’ve fallen prey to a ransomware attack. Navistar makes trucks, buses and diesel engines, while its Navistar Defense subsidiary produces several US military vehicles. The company confirmed that there was data exfiltration in the suspected ransomware attack, but no details have been made available regarding the nature of that data.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.
United States – New York Metropolitan Transit Authority (M.T.A.)
https://www.nytimes.com/2021/06/02/nyregion/mta-cyber-attack.html
Exploit: Nation-State hackingNew York Metropolitan Transit Authority (M.T.A.): Regional Transport Operator
Risk to Business: 2.812= Moderate
Officials at NY M.T.A released information that their system had been the target of a cyberattack by a hacking group believed to have links to the Chinese government. According to the report, nation-state actors penetrated the Metropolitan Transportation Authority’s computer systems in April. The investigation has concluded and NY M.T.A. was able to confirm that no sensitive data or rider data was impacted.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.
United States – LineStar Integrity Services
https://www.wired.com/story/linestar-pipeline-ransomware-leak/Exploit: Ransomware
LineStar Integrity Services: Pipeline Technology Services
Risk to Business: 2.522= Severe
Cybersecurity researchers discovered that pipeline technology provider LineStar Integrity was hit in a ransomware incident at approximately the same time as Colonial Pipeline resulting in 70+GB of company data finding a new home on the dark web. LineStar Integrity Services sells auditing, compliance, maintenance, and technology services to pipeline customers and is based in Houston, TX.
Customers Impacted: Unknown
How it Could Affect Your Business: Increasing frequency off cyberattacks on service providers show that cybercriminals are taking every chance to strike against linchpins of business services.
United Kingdom – Furniture Village
https://www.theregister.com/2021/06/04/furniture_village_confirms_cyberattack/Exploit: Hacking
Furniture Village: Home Goods Retailer
Risk to Business: 1.115 = Extreme
UK home goods giant Furniture Village has confirmed that it has been suffering the impact of an unnamed cyberattack. For the past week, the company’s internal systems, as well as some customer-facing systems, have been experiencing outages. The company stated that no data appears to have been stolen. Impacted systems include included delivery systems, phone systems, and payment mechanisms.
Customers Impacted: Unknown
How it Could Affect Your Business: Attacks on older systems are often easy money for cybercriminals looking for data to sell with a low overhead and fast turnaround time.
Australia – New South Wales Health (NSW Health)
https://www.zdnet.com/article/nsw-health-confirms-data-breached-due-to-accellion-vulnerability/Exploit: Third-Party Data Breach
New South Wales Health (NSW Health): Regional Healthcare Agency
Risk to Business: 1.616 = Severe
New South Wales Health has confirmed that it is the latest organization impacted by the major cyberattack on the file transfer system owned by medical data services provider Accellion last month. The state entity said that no medical records maintained in public hospitals were affected. The agency has begun notifying people whose data may have been accessed. NSW Health has upgraded its technology to avoid future problems.
Individual Risk: 1.616 = Severe
New South Wales Health disclosed that identity information and health-related personal information were exposed for some patients. The agency is in the process of contacting people who have been impacted.
How it Could Affect Your Business: Attacks on major data processors like this puts many businesses at risk. Cybercriminals are hungry for saleable information and these places are treasure troves.
Japan – Fulifilm
https://www.bleepingcomputer.com/news/security/fujifilm-confirms-ransomware-attack-disrupted-business-operations/Exploit: Ransomware
Fujifilm: Film & Photo Technology Developer
Risk to Business: 1.922 = Severe
Legendary Japanese film technology company Fujifilm announced that it has been the victim of a ransomware attack that has impacted its operations. The purported ransomware attack led to a network outage that impacted access to email for employees, billings system and a problem reporting system. Experts believe that this attack was carried out with REvil technology. Investigation and recovery have begun and many systems have been fully restored.
Customers Impacted: Unknown
How it Could Affect Your Business: Business disruptions from ransomware attacks can be costly even if no business or customer data is stolen, and extra costs for recovery can add up.