United States – Arthur J. Gallagher & Co.
https://securityaffairs.co/wordpress/108925/malware/ajg-ransomware-attack.html
Exploit: Ransomware
Arthur J. Gallagher & Co.: Insurance Brokerage
Risk to Business: 2.119 = Severe
Ransomware struck at insurance giant Arthur J. Gallagher last week, according to the company’s Untied States Securities and Exchange Commission filing. The report went on to note that a limited portion of its internal systems were impacted and its operations were able to continue. Security researchers suspect that bad actors were able to exploit a known security flaw in the company’s servers to gain entry.
Individual Risk: So far, no personal data from clients or employees was noted as exposed in the breach, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Nowadays, ransomware operators aren’t just seeking ways to steal data – they also want to disrupt operations to cause damage.
ID Agent to the Rescue: Get Graphus, the powerful automatic phishing defender that evolves with your business, to protect your company from phishing-based email threats like ransomware. LEARN MORE>>
United States – Cache Creek Casino
https://www.dailydemocrat.com/2020/09/30/cyberattack-shuts-down-cache-creek-casino/
Exploit: Ransomware
Cache Creek Casino: Resort
Risk to Business: 1.492 = Extreme
Ransomware cleaned up at Cache Creek Casino in California, shutting down operations at the popular gambling destination just as it began recovering from a COVID-19 closure earlier this year. No reopening date has been set as the investigation and recovery continues. Other businesses including a golf club and shopping at the complex remain open. Cache Creek Casino is part of Cache Creek Casino Resort, one of Northern California’s largest casino-resort destinations, is owned and operated by the Yocha Dehe Wintun Nation.
Individual Risk: No individual information was reported as compromised in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business More than 60% of businesses that experience a damaging cyberattack close – and it’s even more dangerous now as businesses try to recover from COVID-19 closures.
ID Agent to the Rescue: BullPhish ID is the easy, cost-effective solution that helps companies train staffers to be aware of phishing (and ransomware) risks including “set it and forget it” campaign management and plug-and-play training kits. LEARN MORE>>
United States – District of Columbia Bar Association
https://techcrunch.com/2020/09/30/district-columbia-bar-exposed-personal-data/
Exploit: Unsecured Database
District of Columbia Bar Association: Regulatory Body
Risk to Business: 2.077 = Severe
An unsecured Elasticsearch server appears to be at fault for a data breach involving the personal data of new lawyers applying to test before the bar at the District of Columbia Bar Association. A whistleblower complaint was first submitted to the association in August, but resolution was slow, and applicant data may have leaked for some time before it was fixed. The DC Bar claims that only one record was exposed, but researchers and applicants who discovered the breach dispute that claim.
Individual Risk: 2.206 = Severe
Documents uploaded by applicants that may have been exposed include documents containing personal information like names, phone numbers, email addresses, Social Security numbers, the applicant’s full employment history, previous home addresses, and any disciplinary records provided.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Serious personal information deserves serious security. Any company that collects sensitive information about clients or applicants needs to do due diligence to determine that the information is properly secured.
ID Agent to the Rescue: Don’t let your business just walk into a preventable cybersecurity incident like the failure to secure a database. Make sure that staffers are adhering to basic security best practices with security awareness training from ID Agent. LEARN MORE>>
United States – Clark County School District
Exploit: Ransomware
Clark County School District: Education System
Risk to Business: 1.871 = Severe
Cybercriminals have followed through on their threats to release the information that they’d snatched about students after officials refused to pay the ransom demanded to release it. Students in the Clark County School District, Las Vegas, Nevada discovered over the weekend that their school records had been dumped on the Dark Web,
Risk to Individual: 1.660 = Severe
The leak included detailed personal and student record information including students’ names, social security numbers, addresses, and some financial information as well as grades, testing, awards, and disciplinary reports. Impacted students should be wary of spear phishing or identity theft attempts.
Customers Impacted: 320,000
How it Could Affect Your Customers’ Business: Failing to institute regular security awareness training including phishing resistance leaves organizations ripe for ransomware – and cybercriminals are more than willing to double down on ransom demands.
ID Agent to the Rescue: BullPhish ID enables organizations of any size to implement phishing resistance training quickly and easily, bringing staffers up to date on the latest threats without breaking the bank. LEARN MORE>>
United States – eResearch Technology
Exploit: Ransomware
eResearch Technology: Medical Research Technology Provider
Risk to Business: 1.330 = Extreme
In a disturbing turn of events, eResearch Technology was severely impacted by a ransomware attack that slowed down progress on COVID-19 vaccine and treatment research. The provider of technology that enables clinical trials and data sharing at organizations including AstraZeneca, Oxford University, and Bristol Myers Squibb, reported that its employees could not access many systems. That in turn affected clinical trials in progress as researchers were forced to track patient data manually using pen and paper. Systems were down for several days for repair.
Individual Risk: No personal data has been reported as impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is a devastating weapon that bad actors are using to shut down essential services and attacks in the medical sector have been escalating – just last week healthcare giant Universal Health Services was walloped by ransomware and is still recovering.
ID Agent to the Rescue: Ransomware is almost always the nasty payload of a phishing email. Automate your company’s defense against phishing with Graphus to stop ransomware in its tracks. SEE HOW IT WORKS>>
United States – Oaklawn Hospital
Exploit: Phishing
Oaklawn Hospital: Medical Care Provider
Risk to Business: 2.126 = Severe
Multiple successful phishing forays at Michigan’s Oaklawn Hospital netted a wealth of information for cybercriminals. After gaining access to several employee email accounts, cybercriminals were able to exfiltrate patient data. The attack is believed to have occurred in April 2020 but was just disclosed in a filing.
Individual Risk: 1.811 = Severe
Patient information exposed as a result of the incident included names, passwords, dates of birth, addresses, phone numbers, medical and health insurance numbers, Social Security numbers, financial account information, and driver’s license numbers. Impacted patients should be alert to potential phishing and fraud attempts.
Customers Impacted: 26,861
How it Could Affect Your Customers’ Business: Not only does a data breach leave a huge mess of expensive cleanup behind, in many industries like healthcare, a data breach can also mean your organization will be paying big regulatory penalties and fines too.
ID Agent to the Rescue: Information like the patient data obtained in this breach is a hot seller on the Dark Web. Prevent leaked credentials from giving cybercriminals a route into your systems and data with 24/7/365 credential monitoring using Dark Web ID. SEE DARK WEB ID IN ACTION>>
United States – Piedmont Cancer Institute
Exploit: Phishing
Piedmont Cancer Institute: Specialty Medical Clinic
Risk to Business: 2.234 = Severe
Atlanta-based Piedmont Cancer Institute experienced a data breach exposing patient records and other sensitive information after an employee fell for a phishing attack. the incident occurred in a window stretching from mid April to early May and was just disclosed.
Individual Risk: 2.206 = Severe
Patient information exposed due to the email hack includes names, dates of birth, financial account information, and credit/debit card information. Patients who have been affected have been informed and should be alert for identity theft since payment card information was part of this breach.
Customers Impacted: 5,226
How it Could Affect Your Customers’ Business: Securing access to sensitive data is essential. Piedmont Cancer Institute is adding multifactor authentication to combat future incursions, a must-have for every business.
ID Agent to the Rescue: Passly packs essential secure identity and access management tools like multifactor authentication, single sign-on, secure shared password vaults, and more in one cost-effective package. LEARN MORE>>
The Week in Breach – Canada
Canada – Telus/Medisys
https://globalnews.ca/news/7367127/medisys-data-breach/
Exploit: Ransomware
Medisys: Healthcare Provider
Risk to Business: 2.391 = Severe
Medisys just disclosed that it had been impacted by ransomware, exposing 60,000 patient records. A division of Telus, Medisys operates clinics in British Columbia and Alberta providing preventive health-care services under the name Copeman Clinics. The company chose to retrieve the stolen data by paying the ransom.
Individual Risk: 1.866 = Severe
The company estimates that the breach disclosed information for about 5% of its clients, but the investigation continues. Stolen information for impacted patients includes names, contact information, provincial health numbers, and test results. Clients’ financial information and social insurance numbers were not affected.
Customers Impacted: 60,000
How it Could Affect Your Customers’ Business: Phishing-based email threats are a danger for any company, and they’re only increasing as cybercriminals take advantage of a wealth of cheap data and software for conducting these attacks on the Dark Web.
ID Agent to the Rescue: In tumultuous times, every company needs to have a strong suite of solutions in place to protect their systems and data in an increasingly dangerous threat landscape. Our digital risk protection platform provides that power at a price you’ll love. SEE OUR SOLUTIONS>>
The Week in Breach – United Kingdom & European Union
United Kingdom – International Maritime Organization (UN IMO)
https://www.infosecurity-magazine.com/news/un-shipping-agency-offline/
Exploit: Ransomware
UN IMO: Shipping Safety Regulatory Authority
Risk to Business: 2.071 = Severe
Ransomware chose UN IMO as it’s newest port of call last week, taking several key systems offline at the regulatory organization. in an announcement, UN IMO reported that its Global Integrated Shipping Information Systems (GISIS) database, document repository IMODOCS, and its Virtual Publications service had been knocked down by the attack. Restoration and recovery is underway, and most systems have been restored.
Individual Risk: No personal information was reported as impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The number one way for ransomware to land at your business is through a phishing email. Increasing security awareness training including phishing resistance training is essential for preventing cybercrime like ransomware from impacting your organization.
ID Agent to the Rescue: BullPhish ID makes your staffers more wary of suspicious messages. Featuring easy remote management and plug-and-play training kits in 8 languages, BullPhish ID is ideal for training an in-office or remote workforce. SEE BULLPHISH ID IN ACTION>>
Switzerland – Swatch
Exploit: Ransomware
Swatch: Watchmaker
Risk to Business: 2.301 = Severe
World-renowned watchmaker Swatch was hit with ransomware that impacted several of its systems, causing disruptions throughout its operations for several days. Some systems weren’t directly affected but were shut down to mitigate damage and stem the tide of the infection. The company did not identify the exact type of ransomware used but indicated in a statement that it was aware of the culprit and would be pursuing legal action accordingly.
Individual Risk: No individual information has been reported as compromised in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware doesn’t always allow thieves to steal data – sometimes cybercriminals want to shut a business down by stopping production or impacting other business operations to cause disruption.
ID Agent to the Rescue: Don’t let ransomware shut down your operations. Put 3 layers of protection against email threats like ransomware and your business with Graphus, the automated phishing guardian that’s on duty 24/7/365. LEARN MORE>>
The Week in Breach – Australia & New Zealand
Australia – Scouts Victoria
Exploit: Phishing
Scouts Victoria: Youth Organization
Risk to Business: 2.227 = Severe
Someone needs to spend more time working on their “Phishing Defense” merit badge at Scouts Victoria after an employee fell for a phishing attack exposing the personally identifiable data of thousands of members. The youth organization provides empowerment, community support, and job training for young people. The incident happened in late July and August 2020. Scouts Victoria said it has notified the victims of the breach and has contacted relevant government authorities, including the Office of the Australian Information Commissioner (OAIC) and the Department of Human Resources.
Individual Risk: 2.317 = Severe
Sensitive information including names, phone numbers, credit card information, ID documents including passport information and driver’s license details, and bank details were exposed ion the breach, but it’s unclear if that data belongs to youth members, parents of members, or adult volunteers.
Customers Impacted: 900 estimated at this time, but the organization’s full membership includes 17,000 youth members and 5,000 adult volunteers.
How it Could Affect Your Customers’ Business: Phishing is a dangerous proposition that every business faces daily, but businesses who store sensitive information, especially about children, need to be sure that their data is protected even if a staffer falls for a phishing attack.
ID Agent to the Rescue: Add an essential second layer of protection between the bad guys and your data with secure identity and access management controls like multifactor authentication with Passly. SEE A DEMO>>
The Week in Breach – Asia & Pacific
India – Edureka
https://inc42.com/buzz/edureka-suffers-server-breach-data-of-2-mn-users-exposed/
Exploit: Unsecured Database
Edureka: Education Technology Provider
Risk to Business: 1.866= Severe
Cybersecurity researchers discovered an unsecured Elasticsearch server belonging to Indian education technology service Edureka that was overflowing with information for bad actors to savor – 25 gigabytes of fresh data, containing more than 45 million breached records of personal data from users. Many of the records were duplicates or fragments, obfuscating the real impact. After informing the company and not receiving a response, the researchers informed the Indian Computer Emergency Response Team (CERT-In) and the server was secured.
Individual Risk: 2.661 = Moderate
The exposed server contained names, addresses, and phone numbers for users primarily located in India, although some US users were also impacted.
Customers Impacted: 2 million estimated
How it Could Affect Your Customers’ Business: Failing to secure a server is a rookie move and an indication that a company may not be using cybersecurity best practices elsewhere in the organization.
ID Agent to the Rescue: Data like this generally ends up in a Dark Web data dump, the fuel that empowers cybercrime with millions of PII records, email addresses, and passwords. Protect your company from password compromise due to Dark Web data dumps and be alerted if any of your protected credentials appear in one with Dark Web ID. SEE THE POWER OF DARK WEB ID>>
The Week in Breach Risk Levels
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
No comments:
Post a Comment