Saturday, November 13, 2021

The Week in Breach News: 10/27/21 – 11/02/21

Ransomware sours operations at dairy powerhouse Schreiber Foods, jeweler to the stars Graff is in the wrong kind of spotlight, an old gang with a new name hits the NRA, trouble at the Toronto Transit Commission and a look at the 9 biggest threats from ENISA’s Threat Landscape (ETL) report.





The National Rifle Association (NRA)

https://www.nbcnews.com/tech/security/cybercriminals-claim-hacked-nra-rcna3929

Exploit: Ransomware

National Rifle Association: Gun Rights Activist Group


Risk to Business: 1.417 = Severe

Guess who’s back? Cybersecurity researchers believe that the notorious Evil Corp has rebranded itself as Grief, the group that has claimed responsibility for a probable ransomware attack at The National Rifle Association (NRA). Grief posted 13 files to its news website last Wednesday after they claimed to have hacked the NRA. The gang is threatening to release more of the files if they’re not paid, but no ransom demand was specified. NBC News reported that the files it saw were related to grants. The samples provided by the gang include blank grant proposal forms, a list of recent grant recipients, an email to a recent grant winner earlier this month, a W-9 form and the minutes from a September 24th NRA teleconference meeting.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown



PracticeMax 

https://www.govinfosecurity.com/phi-stolen-in-practice-management-firms-ransomware-attack-a-17813

Exploit: Ransomware

PracticeMax: Medical Practice Management Services 


Risk to Business: 1.822 = Severe

A ransomware attack on medical practice management services firm PracticeMax may have exposed Protected Health Information. The company notified members of VillageHealth that they may have been impacted by a cyberattack in April and May of 2021. VillageHealth is a care coordination program for patients with chronic conditions run by DaVita Inc. and offered through health plans including Anthem and Humana. In legal filings, PracticeMax indicates the breach affected more than 4,400 of its members, but a company statement warns that they cannot say for sure that any data was actually accessed or stolen.


Individual Risk: 1.703 = Severe

In breach notification letters being sent on behalf of DaVita, Humana and Anthem, PracticeMax says the incident affected PHI including members’ first and last name, date of birth, address, phone number, Social Security Number, member ID number and clinical data pertaining to services received through the VillageHealth program. 

Customers Impacted: Unknown



United States – Schreiber Foods

https://www.zdnet.com/article/schreiber-foods-back-to-normal-after-ransomware-attack-shut-down-milk-plants/

Exploit: Ransomware

Schreiber Foods: Dairy Processor


Risk to Business: 1.442 = Extreme

Wisconsin-based dairy powerhouse Schreiber Foods said its plants and distribution centers are back up and running after a ransomware attack ground operations to a halt over the weekend. The company announced that a “cyber event” had disrupted operations at its processing and distribution centers after critical systems were knocked or taken offline. Schreiber uses a variety of digital systems and computers to manage milk processing, so this event impacted the entire dairy supply chain in the US. This is the latest incident in a string of massive production-impacting cyberattacks against agricultural sector targets. The company is the largest milk processor in Wisconsin, and it has reportedly been hit with a $2.5 million ransom demand.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. 

Customers Impacted: Unknown







Canada – Toronto Transit Commission (TTC)

https://www.cbc.ca/news/canada/toronto/ttc-ransomware-attack-1.6231349

Exploit: Hacking

Toronto Transit Commission (TTC): Government Entity 


Risk to Business: 1.615 = Severe

The Toronto Transit Commission was the victim of a ransomware attack that it says began last Thursday night and expanded on Friday. Officials were quick to assure the public that the attack has not caused any significant disruption to transit service and the public and employees are not at risk. They specified that transit vehicles are continuing to service their routes, but apps and computer displays of route information are being affected. There’s no word on when those functions will be restored.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. 

Customers Impacted: Unknown






United Kingdom – Graff 

https://www.dailymail.co.uk/news/article-10148265/Massive-cyber-heist-rocks-high-society-jeweller-Graff.html

Exploit: Ransomware

Graff: Jeweler


Risk to Business: 1.512 = Severe

The Conti ransomware gang made headlines again with a successful ransomware attack against high-society jeweler Graff. The company counts clients like Donald Trump, David Beckham, Oprah Winfrey and other major-league clientele. Graff operates at the top end of the diamond jewelry market, with more than 60 retail stores worldwide. Reports say that the Conti group has already posted 69,000 confidential documents on its dark web leak site including client lists, contact data and other proprietary information. Ransom demands are reported to be in the millions of pounds.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown



Poland – C.R.E.A.M. Finance   

https://securityaffairs.co/wordpress/123861/cyber-crime/cream-finance-cyber-heist-130m.html 

Exploit: Cryptojacking (Misconfiguration)

C.R.E.A.M. Finance: Decentralized Lending Platform 


Risk to Business: 1.595 = Extreme

For the third time this year, cybercriminals have hit lending platform C.R.E.A.M. Finance, stealing cryptocurrency. This time, thieves made off with $130 million worth of cryptocurrency assets. According to the experts, the attackers have likely exploited a vulnerability in the platform’s flash loan feature, then transferred the stolen funds to a wallet under their control before splitting them through other wallets.  This is the third successful heist from the platform this year. Crooks jacked $29 million in August 2021 and $37 million in February 2021. 

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. 

Customers Impacted: Unknown 






Thailand – Centara Hotels & Resorts 

https://www.zdnet.com/article/luxury-hotel-chain-in-thailand-reports-data-breach/

Exploit: Ransomware

Centara Hotels & Resorts: Hotel Chain


Risk to Business: 1.637 = Severe

The Desorden ransomware group claims to have stolen over 400GB of files and databases containing information belonging to millions of hotel guests of Thailand’s Centara Hotels & Resorts. The hotel chain is part of Central Group, a conglomerate that also includes the Central Restaurants Group, which the group hacked earlier this month. The hackers made it clear that this attack was in retaliation for the Central Group’s refusal to pay the ransom for the first attack after negotiating and promising payment. That incident would have provided a ransom payment of $900,000 before Central Group backed out of the deal on Tuesday, spurring the second attack.


Individual Risk: 1.818 = Severe

The company admitted that attackers had in fact breached its system and accessed the data of some customers. The data accessed includes names, booking information, phone numbers, email addresses, home addresses and photos of IDs. Whether or not passport data was included was not specified, but it is commonly requested. The theft is said to have affected guests who stayed at the hotel chain between 2003 and 2021, including any guests who made advance bookings up to December 2021.

Customers Impacted: Unknown







1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.



Bit by bit helps client networks run smooth and secure. Visit our website at www.bitxbit.com/texas or call 877.860.5831.
