This Week in Breach News:
Hobby Lobby’s mistakes pack a high cost, Australia’s Channel 9 News gets knocked off the air by a cyberattack, production at Sierra Wireless gets held up by ransomware, and a look at what the FBI IC3 report means for your business.
United States – Hobby Lobby
https://threatpost.com/hobby-lobby-customer-data-cloud-misconfiguration/164980/
Exploit: Misconfiguration
Hobby Lobby: Craft Supply Retailer
Risk to Business: 1.662= Severe
Hobby Lobby made a blunder that was discovered this week. Researchers came across an Amazon Web Services (AWS) cloud database belonging to the controversial retailer that was misconfigured to be publicly accessible exposing 138GB of sensitive information.
Individual Risk : 1.707 = Severe
Exposed data includes customer names, partial payment card details, phone numbers, physical and email addresses along with source code for the company’s app, and employee names and email addresses. This information can be used for spear phishing and identity theft.
Customers Impacted: 300,000
How It Could Affect Your Customers’ Business: Making simple, avoidable blunders like this doesn’t fill your customers with confidence that you’re taking information privacy seriously.
United States – CNA Financial
Exploit: Ransomware
CNA Financial: Insurer
Risk to Business: 1.627 = Severe
Major insurer CNA Financial has disclosed that it was the victim of a purported ransomware attack this week, causing significant network disruption. The company’s email systems have been offline and the underwriting and claims units have been stymied, likely due to systems becoming unavailable. CNA said that they were disconnecting systems for safety and working to restore operations.
Individual Impact: No sensitive personal or financial information was announced as impacted in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Ransomware is the cause of many expensive disasters and they don’t all involve data. Cybercriminals can also hold your business operations hostage.
United States – California State Controller
https://krebsonsecurity.com/2021/03/phish-leads-to-breach-at-calif-state-controller/
Exploit: Phishing
California State Controller: State Government Agency
Risk to Business: 2.412 = Severe
A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO). The agency announced that attackers had access to the email records of an employee in its Unclaimed Property Division after the employee clicked a phishing link and then entered their email ID and password.
Individual Risk: 2.309 = Severe
The breach may have led to the exposure of personal and financial data for thousands of state employees. There is also evidence that the account was used to conduct business email compromise scams.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Something as simple as one mishandled email can wreak havoc on your business. No matter how busy you are, training has to be a priority to avoid this consequence.
United States – PDI Group
https://therecord.media/ransomware-gang-leaks-data-from-us-military-contractor-the-pdi-group/
Exploit: Ransomware
PDI Group: Defense Contractor
Risk to Business: 2.412 = Severe
US military contractor PDI Group has experienced a ransomware attack, with Babuk Locker claiming responsibility. the gang says that they have 700 GB of data they claim to have stolen from PDI’s internal network and they have made ransom demands after posting a sample to their site. PDI Group manufactures specialty trailers, dollies and other transport tools for multiple military applications.
Individual Impact: No sensitive personal or financial information was announced as impacted in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Failing to protect the secrets of your success like blueprints and formulas is a fast path to trouble when your competitors can download them from dark web sources.
Canada – Sierra Wireless
https://therecord.media/production-halted-at-sierra-wireless-factories-following-ransomware-attack/
Exploit: Ransomware
Sierra Wireless: Electronics Manufacturing
Risk to Business: 1.302 = Extreme
Canadian electronics giant Sierra Wireless has halted production at its manufacturing sites across the world after a ransomware attack crippled its IT systems. The disruption has kept staff from accessing internal documents and systems related to manufacturing and planning. Investigation and remediation are ongoing.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware can cause catastrophic delays in production, crippling factories. Preventing it from hitting systems is just as important as protecting data.
