The Week in Breach News: 06/23/21 – 06/29/21

This week the cybercrime gangs were busy! Nobelium, the gang behind the SolarWinds hack, is giving Microsoft and others a world of trouble with unexpected attacks. REvil scores medical data, a new ransomware gang debuts with a hit on Altus Group and how to defend against complex threats with simple security moves.

See how ransomware really works, who gets paid & what’s next in our NEW tell-all Ransomware Exposed! DOWNLOAD IT>>

Mercedes Benz USA
Exploit: Third Party Risk
Mercedes Benz USA: Carmaker

Risk to Business: 1.611= Severe
Mercedes-Benz USA has disclosed a data breach impacting some of its US customers. The data breach exposed PII of under 1,000 Mercedes-Benz customers and potential buyers. This breach was announced after a Mercedes-Benz vendor informed the company that the personal information of select customers was exposed due to an insufficiently secured cloud storage instance.

Individual Risk: 1.802= Severe
According to the company, the breach affects some customers and potential vehicle buyers who had entered sensitive information on Mercedez-Benz company and dealer websites between 2014 and 2017. The vendor who notified Mercedez-Benz of the data breach states that the exposed information included: self-reported customer credit scores, driver license numbers, Social Security numbers (SSNs), credit card numbers and dates of birth.
Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.
Customers Impacted: 1,000
How It Could Affect Your Customers’ Business: Proprietary data like this is cybercriminal gold. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.
ID Agent to the Rescue: Third-party and supply chain risk growing exponentially. Learn strategies to fight back in our eBook Breaking Up with Third-Party and Supply Chain Risk! DOWNLOAD IT>>
Washington Suburban Sanitary Commission (WSSC)
https://baltimore.cbslocal.com/2021/06/27/wssc-water-investigating-ransomware-attack/
Exploit: Ransomware
Washington Suburban Sanitary Commission (WSSC): Utility

Risk to Business: 2.116 = Severe
Washington Suburban Sanitary Commission (WSSC) has disclosed a ransomware attack that impacted some of its systems. The utility noted that the incident impacted a portion of their network that operates non-essential business systems. The company has admitted that cybercriminals were able to gain access to internal files but no more information has been provided. The incident is still under investigation. WSSC is the utility that provides water and sewer services to the Washington, DC metropolitan area.
Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Ransomware attacks against strategic targets like utilities and infrastructure targets as ransomware gangs try to score a big payday fast from targets that can’t afford downtime.
ID Agent to the Rescue: NEW! Go behind the scenes of ransomware to see who gets attacked, who gets paid and what’s next on the hit list in Ransomware Exposed! DOWNLOAD NOW>>
DreamHost
https://www.infosecurity-magazine.com/news/cloud-database-exposes-800m/
Exploit: Unsecured Database
DreamHost: WordPress Hosting Service

Risk to Business: 1.823=Severe
A misconfigured cloud database exposed over 800 million records linked to WordPress users through hosting provider DreamHost. The 814 million records came from the firm’s managed WordPress hosting business DreamPress and appeared to date back to 2018. In this 86GB database, researchers noted admin and user information, including WordPress login location URLs, first and last names, email addresses, usernames, roles, host IP addresses, timestamps and configuration and security information, some linked to users with .gov and .edu email addresses. The database was purportedly secured within hours but the damage had already been done.
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business There’s no excuse for making basic security blunders, and clients may be less likely to want to work with those who do. A strong security culture prevents these blunders from happening.
ID Agent to the Rescue: Building a strong security culture is vital to maintaining a high level of security. The Security Awareness Champion’s Guide shows you how to make good security choices and avoid trouble. GET IT>>


Altus Group
Exploit: Ransomware
Altus Group: Real Estate Software

Risk to Business: 1.775 = Severe
Altus Group, a commercial real estate software solutions company, has announced that its data was breached. The company initially said that no data was stolen, a new ransomware group begs to differ. New cybercrime gang Hive has published samples of data allegedly stolen from Altus Group on its new dark website. The provided sample of exfiltrated files includes business data and documents, as well as Argus certificates and development files. No ransom amount has been confirmed and the incident is under investigation.
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business In this economy, ransomware groups are only going to keep cropping up and that means your clients are facing new danger every day.
ID Agent to the Rescue: Make sure you’re protecting the access points to your clients’ assets with strong security, including strong passwords with our Build Better Passwords eBook. GET IT>>


United Kingdom – French Connection UK (FCUK)
Exploit: Ransomware
French Connection UK (FCUK): Clothing Brand

Risk to Business: 2.351= Severe
United Kingdom-based clothing company French Connection UK has been hit by a major cybercrime gang: REvil. The ransomware gang was able to get away with a plethora of internal company data after taking control of the company’s back-end servers. The type of data has not been specified, but both business and employee data is at risk.
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Ransomware is everywhere these days and every business is at risk. Companies in every industry of every size are in cybercriminals’ sights as they hunt for big paydays.
ID Agent to the Rescue: Are you ready for the next risk? Find useful data to inform security decisions including our predictions for the biggest risks of 2021 in The Global Year in Breach 2021. READ IT NOW>>
Sweden – InfoSolutions
https://cybernews.com/news/swedish-covid-19-lab-with-millions-of-test-results-breached/
Exploit: Hacking
InfoSolutions: Medical IT Solutions

Risk to Business: 1.661 = Severe
InfoSolutions, a company that provides IT services to Swedish Public Health Agency including maintaining journals and COVID-19 databases in Sweden, published a statement claiming that it detected an intrusion to a database employed by 15 of 21 Sweden’s regions. The company says that there is no indication that any information has been passed on and that the databases were locked quickly. The internal investigation is ongoing.
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Medical data is catnip for hackers because it’s worth its weight in gold in dark web data markets, and healthcare targets worldwide have been under siege throughout the pandemic.
ID Agent to the Rescue: Increase the chance of speeding past pitfalls to victory when you boost cyber resilience for every customer using the tips in our eBook The Road to Cyber Resilience. DOWNLOAD IT NOW>


Brazil – Grupo Fleury
Exploit: Ransomware
Grupo Fleury: Medical Diagnostics Laboratory

Risk to Business: 1.702 = Severe
REvil had a busy week. They also struck medical services company Grupo Fleury, Brazil’s largest laboratory operator. The REvil gang is demanding $5 million to receive a decryptor and not leak allegedly stolen files, and it has published a sample according to its usual protocol. Grupo Fleury’s data could potentially contain enormous amounts of personal and medical data of patients, but no specifics of what was stolen have been made available.
Individual Impact: No sensitive personal or financial information has been confirmed as stolen in this incident but it is highly likely that will be the case as the incident progresses..
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Phishing and ransomware are today’s cybercriminal’s favorite tools to get the job done, and no matter how big or small, no organization is safe.
ID Agent to the Rescue: Are all of your clients dotting all the “I”s and crossing the “T”s to avoid risk? Use our Cybersecurity Risk Protection Checklist to make sure. DOWNLOAD IT>>


1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
No comments:
Post a Comment