The Week in Breach: 01/06/21-01/12/21 | CloudSmart IT

The Week in Breach: 01/06/21-01/12/21

This week multiple healthcare targets receive an unwelcome diagnosis of ransomware and learn more about why data breach danger is ratcheting up for every business and how you can better secure your customers from the onslaught.

The Week in Breach News – United States 


United States – Lake Regional Healthcare

https://www.beckershospitalreview.com/cybersecurity/minnesota-health-system-hit-by-ransomware-attack-4-details.html

Exploit: Ransomware

Lake Regional Healthcare: Hospital System

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.919 = Severe

A ransomware attack at this Minnesota healthcare system on December 30 led to impacts in patient care as the hospital was forced to adopt downtime procedures. Most impacted systems have been restored and the incident is under investigation.

Individual Risk: No personal or consumer information was reported as impacted in this incident at this time but the incident is still under investigation.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is an increasingly popular option for cybercriminals looking to disrupt operations to score a quick payday from a much-needed service provider or manufacturer.


United States – OmniTRAX

https://www.freightwaves.com/news/ransomware-attack-hits-short-line-rail-operator-omnitrax

Exploit: Ransomware

OmniTRAX: Short Line Railway 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.172 = Severe

Conti ransomware is to blame for a major information theft at OmniTRAX and parent company Broe Group. Although rail and freight operations were not disrupted, proprietary data was stolen. The 70 gigabytes of leaked files presented by the gang include internal OmniTRAX documents and clearly showed that data came from the contents of individual employee work computers. It was not clear if it included data pertaining to OmniTRAX’s rail operations or its customers.

Individual Risk: No personal or consumer information was reported as impacted in this incident at this time but the incident is still under investigation.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Just one stolen or cracked password can wreak havoc on a company and its subsidiaries, leading to extensive (and expensive) recovery operations.


United States – Apex Laboratory

https://hotforsecurity.bitdefender.com/blog/apex-laboratory-confirms-ransomware-gang-stole-patient-info-in-cyberattack-25002.html

Exploit:  Ransomware

Apex Laboratories: Consumer Medical Testing 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.783 = Severe

Apex Laboratories definitely got a result that they weren’t expecting when DoppelPaymer ransomware popped up on December 15, snatching a large quantity of data. The attack resulted in the exfiltration of thousands of documents containing both protected health information of patients and personally identifiable information of Apex employees.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.166 = Severe

The data impacted is estimated to include patient names, dates of birth, test results, and some Social Security and phone numbers. The company is notifying affected patients. Apex employees and clients should be cautious about potential spear phishing email using this information.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware has been an especially pernicious menace to healthcare targets throughout the pandemic, and that’s not slowing down.

The Week in Breach News – Canada


Canada – Aurora Cannabis

https://www.bleepingcomputer.com/news/security/t-mobile-data-breach-exposed-phone-numbers-call-records/

Exploit: Unauthorized Access

Aurora Cannabis: Marijuana Dispensary Chain 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.664 = Severe

An email sent to an ex-employee of Aurora Cannabis uncovered a data breach affecting the personally identifiable information of the company’s current and past employees. It appears that the data was captured after unauthorized parties accessed the company’s SharePoint and OneDrive. The incident is still being untangled, as conflicting reports crop up about what information was stolen.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.580 = Severe

The actual details about the stolen data are unclear but are reported to include employee and former employee PII, credit card information, government identification, home addresses and banking details.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: It’s not all ransomware these days – good old-fashioned hacking is still a risk that every business faces. When information like this makes its way to the Dark Web, it makes hackers’ jobs easier.


Canada – Communauto

https://montrealgazette.com/news/local-news/communauto-hit-by-cyber-attack 

Exploit: Ransomware

Communauto: Car Sharing Service 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.918 = Severe

A ransomware attack brought many of Communauto’s business side activities to a halt, causing delays in the management of accounts payable and invoicing. Proprietary data and some client PII was stolen, but no user credit card data was impacted. The company elected to pay the ransom and announced that the gang had agreed to destroy the information.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.033 = Severe

The personal information of some of its clients, including member numbers, names, email addresses, street addresses and account identifying details was compromised. Clients of Communauto should be wary of possible spear phishing attempts.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware threats have grown as the economy has contracted, leaving ransomware gangs to look farther afield for targets. They’re aided and abetted by huge lists of passwords that give hackers what they need to find and exploit security weaknesses to slip malware into systems.


United States – Dassault Falcon Jet

https://securityaffairs.co/wordpress/113216/data-breach/dassault-falcon-data-breach.html

Exploit: Ransomware

Dassault Falcon Jet: Aviation Manufacturing 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.127 = Severe

Dassault Falcon Jet, a division of French conglomerate Dassault Aviation, was hit by the Ragnar Locker ransomware gang, resulting in extensive data theft. Bad actors made off with employee information, but no proprietary data theft was reported in the incident.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.702 = Severe

Extensive PII was exposed for current and former employees and their families including names, personal and company email address, personal mailing address, employee ID number, driver’s license number, passport information, financial account number, Social Security number, date of birth, work location, compensation and benefit enrollment information, and date of employment.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is no joke, and it has been increasingly pointed at manufacturing targets to both steal data and impact production, especially dangerous when a company manufactures assets like planes.

The Week in Breach News – United Kingdom & European Union


United Kingdom – Amey Plc

https://www.constructionnews.co.uk/contractors/amey/amey-hit-by-cyber-attack-05-01-2021/

Exploit: Ransomware

Amey Plc: Infrastructure Builder

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.631 = Severe

Venerable construction company Amey was hit by a ransomware attack in late December, attributed to the Mount Locker ransomware gang. The gang has begun leaking a trove of documents including contracts, bank statements and loan records, confidential partnership agreements, NDAs, correspondence between Amey and UK government departments and councils, and technical blueprints

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.221 = Severe

Employee data impacted in this breach includes scans of passports, driving licenses, and identity documents of company employees and directors, financial reports, employment records (new hire offers and resignation letters) and meeting notes.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: It only takes one ransomware attack to blow up your budget for the year, and it’s still early! Don’t leave anything to chance – put as much protection as you can in place to repel ransomware attacks.

The Week in Breach News – Australia & New Zealand


New Zealand – The Reserve Bank of New Zealand

https://www.dw.com/en/new-zealand-central-bank-hit-by-cyberattack/a-56184575

Exploit: Ransomware

The Reserve Bank of New Zealand: Central Government Bank 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.827 = Severe

The Reserve Bank of New Zealand (RBNZ) announced that it has experienced a data breach as a result of an unauthorized access incident at a third-party file-sharing service used by the bank to share and store some sensitive information. The nature and extent of information that has been potentially accessed is still being determined

Individual Impact: There is no confirmed information about the nature of this stolen data, but it may include some commercially and personally sensitive information.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is a favored weapon for both run-of-the-mill cybercriminals and nation-state hackers – and no organization is too big or too small to fall victim to ransomware.


Australia – Health and Community Services Union Tasmania

https://www.starobserver.com.au/news/tasmania-health-data-breach-sees-patient-hiv-status-published-online/199862

Exploit: Unsecured Database

Health and Community Services Union Tasmania: Regional Health Department 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.772 = Severe

A massive data exposure was uncovered at Tasmania’s Health department, leading to the exposure of some extremely sensitive information. Reports have surfaced that any person who called the State’s ambulance service starting in November 2020 have had their personal details posted publicly online. The data leak has since been addressed and is under investigation.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.811 = Severe

Reports say that over 26,000 pages of pager messages about patients between the ambulance service, dispatchers and healthcare personnel have been published including patients’ condition, personal details, addresses, HIV status, gender and age.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Security lapses like this aren’t just regrettable, they’re preventable. Failure to make sure that sensitive information is actually secure doesn’t speak well to any organization’s commitment to security.

The Week in Breach News Guide to Our Risk Scores


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

 

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.


The Week in Breach: Featured Briefing


Data Breach Danger Has Majorly Ramped Up for Every Business 


Cybercrime has been steadily on the rise throughout the opandemic. Now that we’re starting to see some end-of-the-year numbers tallied, it’s becoming even more apparent that 2020 was a very dangerous year for business cybersecurity – and 2021 isn’t looking much better.

One stunning statistic that hops right out of the Ponemon Institute’s biannual Cyber Risk Index is the estimation that 1 in 4 firms worldwide faced 7 or more serious cyberattacks in 2020. That includes firms of every size – no business is too small to be at risk of a cyberattack. The top security risks within IT infrastructure that were cited by survey respondents were: organizational complexity and misalignment, negligent insiders, cloud infrastructure and providers, skills shortages and malicious insiders

Another important fact to remember: 83% of respondents thought that the chances of an attacker gaining a foothold inside their company’s networks or systems over the next year are “somewhat” or “very” likely. They’re not just being pessimistic – precipitate increases in cybercrime across the board bear this thinking out. The survey goes on to list the risks and types of cyberattacks that most concern businesses: phishing and social engineering, clickjacking, ransomware, fileless attacks, botnets and man-in-the-middle attacks.

Cleanup and recovery from a cybersecurity incident is becoming more expensive too. According to business insurer Hiscox, incident response from cyberattacks can cost businesses $200,000 on average for a single large incident. Even at SMBs, remediation and recovery costs from a data breach can easily climb into 6 figures for even a few small cybersecurity incidents per year – and many companies learned that lesson in 2020.

Regularly updated security awareness and phishing resistance training is essential for every business as well. Companies that engage in regular cybersecurity training (at least quarterly) can have up to 70% fewer cybersecurity incidents each year.

Experts predict that we’ll see as much as a 40% rise in data breaches in 2021. With this information about the explosion in risk for businesses of every stripe at hand, it’s easy to see why now is the perfect time to bring up to your clients the value of updating and upgrading cybersecurity solutions to mitigate these threats. While budgets are universally tight, the cost of just one cybersecurity incident like a ransomware attack will be much higher than the cost of the security upgrades that prevent it.

Don’t hesitate to contact us for assistance. We can walk you through the benefits of our solutions for you!

The Week in Breach: Need to Know


Don’t Let Employee Blind Spots Cost You a Fortune 


The number one cause of a data breach never changes – it’s always human error. No matter how savvy you may think your staffers are about cybersecurity, everyone has a blind spot. How can you find your employees’ blind spots and make sure that you’re covering all of your bases?

A recent report called Cyberchology: The Human Element details some of the unfortunate consequences that the sudden shift to remote work and the stress of the pandemic has brought to the table. The most striking observation? Just over 80% of companies experienced cybersecurity challenges due to human error in 2020.

While human error is always going to the top cause of a data breach or similar cybersecurity incident, you can take steps to reduce that possibility by creating an atmosphere for your employees that makes it okay, or even encouraged, to ask questions and learn more about cybersecurity. A well-informed, confident staff is your secret weapon against cybercrime.

A strong cybersecurity culture is rooted in accessible, up-to-date, easy to understand security awareness training that includes phishing resistance. It’s important to use tools that nourish your healthy cybersecurity culture, not punishments to be endured. 

Making training pleasant and manageable for even your most tech-shy staffer helps foster a spirit of teamwork that has your staffers watching out for trouble to make sure that those blind spots are covered – because when every staffer is trained to spot and stop cybersecurity threats, everyone in your organization is on your defense team.

Follow us on social media to find out about breach news, new blog posts, product updates, and other important news!
View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.