This week has it all! Codecov discloses a doozy of a breach, ransomware wins at casinos in Tazmania, see customer retention secrets and get tips for helping spending-shy customers bolster security (and your MRR).
United States – LogicGate
https://techcrunch.com/2021/04/13/logicgate-risk-cloud-data-breach/
Exploit: Hacking
LogicGate: Software Company
Risk to Business: 1.631= Severe
LogicGate notified customers that an unauthorized third party obtained credentials to its Amazon Web Services-hosted cloud storage servers storing customer backup files for its flagship platform Risk Cloud in 02/21. The risk and complaince specialty firm noted that only data uploaded on or prior to 02/23/21 would have been included in that backup file. The company said that an unauthorized third party was able to use filched credentials to decrypt files stored in AWS S3 buckets in the LogicGate Risk Cloud backup environment.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How It Could Affect You: Hacking into databases is a profitable enterprise for cybercriminals. Ebsuring that you’re using strong security for information storage is a modern essential.
United States – Codecov
https://therecord.media/codecov-discloses-2-5-month-long-supply-chain-attack/
Exploit: Third Party Data Breach
Codecov: Software and Cloud Developer
Risk to Business: 1.337 = Extreme
Codecov is facing a mess after a threat actor managed to breach its platform and add a credentials harvester to one of its tools, Bash Uploader Codecov said the breach occurred “because of an error in Codecov’s Docker image creation process that allowed the actor to extract the credential required to modify our Bash Uploader script.” The attacker gained access to the Bash Uploader script sometime in 01/21 and made periodic changes to add malicious code that would intercept uploads and scan and collect any sensitive information like credentials, tokens, or keys. Unfortunately, the bad guys had 2.5 months to run wild – the breach wasn’t discovered until 04/01. The damage isn’tlimited to only to clients who used the Bash Uploader script, either. Because the script is also embedded in other products, a large chunk of the company’s customers may be affected.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You Not only did Codecov fall victim to a cyberattack that adulterated its product, it didn’t find out for 2.5 months. Not a good look.
I
Canada – The Regional Municipality of Durham
Exploit: Third-Party Breach (Ransomware)
The Regional Municipality of Durham: Regional Government Services Entity
Risk to Business: 1.741 = Severe
The Regional Municipality of Durham, which provides regional services to eight local municipalities north of Lake Ontario, announced in an email that it “recently became aware of a cybersecurity incident that occurred with a third-party software provider which impacted the region.” That incident was through data services provider Accellion, breached several weeks ago by the Clop ransomware gang in an incident that continues to ripple into other organizations. The content of the leaked data is unclear but appear to be administrative records.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: This kind of data will be a windfall for the gang in today’s booming dark web data markets, but the Accellion breach will also continue to be a nightmare for impacted organizations.
United Kingdom – Castle School Education Trust
https://www.bristolpost.co.uk/news/bristol-news/latest-ransomware-attack-24-schools-530891
Exploit: Ransomware
Castle School Education Trust: School System
Risk to Business: 2.463 = Severe
A massive ransomware incident has snarled the start of the new term for 24 schools near Bristol. Laptops, whiteboards and more than 1,000 devices have been disabled, impacting educators and students in 7 schools run by the Castle School Trust and the 17 others maintained by the local authority who relied on the academy group’s IT infrastructure.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: Ransomware has been an increasingly popular tool for cybercriminals to use against targets in the education sector. Preventing it from hitting systems is just as important as protecting data.
Ireland – Matthew Clark Bibendum (MCB)
Exploit: Ransomware
Matthew Clark Bibendum (MCB): Beverage Distributor
Risk to Business: 1.672 = Severe
Matthew Clark Bibendum (MCB) said they were “temporarily supporting customers and suppliers manually” after experiencing a cyberattack on 04/16. The probable ransomware attack has severely interrupted operations throughout Ireland and the UK. MCB is owned by C&C Group, which manufactures and distributes two of its most well-known brands, Irish cider Bulmers and Scottish beer Tennent’s, to more than 40 countries.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: Ransomware is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen.
Australia – Federal Group
https://www.infosecurity-magazine.com/news/cyberattack-shutters-half/
Exploit: Ransomware
Federal Group: Casino Operator
Risk to Business: 1.612 = Severe
Threat actors struck casinos on the Australian island of Tasmania. Sole casino operator Federal Group was targeted in a ransomware attack that impacted both gambling and hospitality operations. The attack affected hotel booking systems in the company’s Wrest Point and Country Club venues. It also knocked out operations at the perennially-popular slot machine floors. The company is working on fully restoring services and investigating the incident. Federal Group’s other 2 casinos in Tasmania were not affected.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: Ransomware is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen.
Australia – Spotless
Exploit: Ransomware
Spotless: Hospitality Services
Risk to Business: 2.112 = Severe
Hackers may have obtained past and present staff members’ passport and IRD numbers in a growing data breach at banquet and cleaning company Spotless. Impacted workers were informed by email last week. The company expects that a large amount of HR information may have been stolen by the cybercriminals in a suspected ransomware incident that is still under investigation.
Risk to Business: 2.206 = Severe
Current and former staff members may be at risk for identity theft and spear phishing. Fraud attempts have already begun to come to light.
Customers Impacted: Unknown
How it Could Affect You: Ransomware is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen.
India – Bizongo
https://www.hackread.com/india-bizongo-supply-chain-exposed-data/
Exploit: Ransomware
Bizongo: Packaging Manufacturer
Risk to Business: 1.755 = Severe
Packaging powerhouse Bizongo is in the hot seat after a data breach caused by a leaking AW3 bucket. researchers noted that approximately 2,532,610 files were exposed, equating to 643GB of data. The exposed data includes an assortment of operations info including business files and client records
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You Cybercrime is around every corner. It’s no longer acceptable to just survive a cyberattack – businesses have to be prepared to endure challenges and still keep going.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
No comments:
Post a Comment