The Week in Breach: 06/29/21-07/06/21 | CloudSmart IT

The Week in Breach: 06/29/21-07/06/21

 
 

Healthcare cyberattacks are popping up fast, this week we’re taking a look at overcoming the IT skills shortage with automation technology.

Arthur J. Gallagher

https://www.bleepingcomputer.com/news/security/us-insurance-giant-ajg-reports-data-breach-after-ransomware-attack/ 

Exploit: Ransomware

Arthur J. Gallagher (AJG): Insurance Broker 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.673= Severe

Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to customers impacted in a previously unannounced ransomware attack that hit its systems in late September 2020. The company said that an unknown party accessed data contained within their network between June 3, 2020, and September 26, 2020. The company has apparently just completed its investigation.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.522= Severe

While the company did not specify the types of data exposed, their SEC filing did and PII starred heavily on the list. Data exposed may include a client’s Social Security number or tax identification number, driver’s license, passport or other government identification number, date of birth, username and password, employee identification number, financial account or credit card information, electronic signature, medical treatment, claim, diagnosis, medication or other medical information, health insurance information, medical record or account number and biometric information.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Proprietary data like this is cybercriminal gold. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.


Washington State Department of Labor and Industries

https://www.thenewstribune.com/news/state/washington/article252532918.html 

Exploit: Third-Party Data Breach

Washington State Department of Labor and Industries: Government Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.816 = Severe

Washington State informed over 16,000 workers that their PII may have been exposed in a ransomware attack on Renton market research company Pacific Market Research (PMR). The contractor was hit with a ransomware attack in May 2021.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.516 = Severe

The exposed information for workers includes claim numbers and dates of birth for 16,466 workers who had workers’ compensation claims in 2019, which PMR had used to conduct a customer service survey for the agency.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business An unsecured database is easy pickings for cybercriminals and a rookie mistake that could cost the survey company a client.


Practicefirst

 https://healthitsecurity.com/news/healthcare-ransomware-attack-targets-practice-management-vendor

Exploit: Ransomware

Practicefirst: Healthcare Technology Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.223=Severe

Practicefirst announced that a 2020 healthcare ransomware attack may have exposed personally identifiable information (PII) of patients and employees. The service provider specializes in medical billing, coding, credentialing, bookkeeping, and practice management solutions. When they detected suspicious activity on December 30th, 2020, they shut down all systems, changed passwords and notified authorities but not before the bad guys scooped up data.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.201=Severe

Practicefirst disclosed that patient and employee information has been impacted including birthdates, names, addresses, driver’s license numbers, Social Security numbers, email addresses and tax identification numbers employee usernames and passwords, bank account information. Other data that may have been stolen is primarily treatment-focused like diagnoses, lab and treatment information, medication information and health insurance identification.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Clients and employees won’t be happy about having this kind of personal information stolen – and neither will the Department of Health and Human Services.


UofL Health

https://www.infosecurity-magazine.com/news/kentucky-healthcare-system-exposes/

Exploit: Insider Threat (Employee Error)

UofL Health: Healthcare System

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.575 = Severe

Kentucky-based UofL Health has notified more than 40,000 patients of an employee blunder that resulted in their personal health information being emailed to the wrong address. In this case, a UofL employee accidentally sent personal health information from UofL patients to an email address outside of the health system’s network. According to UofL, the accidental recipient of the data did not view or access any patient information.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.502 = Severe

Patients whose data was impacted by the incident have been offered free identity protection services. No specifics about what exact data was accessed have been released beyond personal health information.

Customers Impacted: 40,000

How it Could Affect Your Customers’ Business Employee errors that impact compliance in a heavily regulated industry pack a punch after regulators get to work.


United Kingdom – Salvation Army

https://www.theregister.com/2021/06/30/salvation_army_ransomware_attack/

Exploit: Hacking

Salvation Army – Non-Profit 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.424= Severe

The United Kingdom arm of the evangelical Christian nonprofit Salvation Army disclosed that it had been the victim of an unspecified cyberattack. The industry press are reporting that the attack was purportedly ransomware but no confirmation is available at this time. The fundamentalist charity says that no programs were impacted and has not released information about the type of data that was stolen.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business organizations that hold financial information for donors should put extra care into securing it to keep those people donating.


Spain – MasMovil

https://www.hackread.com/revil-ransomware-gang-hits-masmovil-telecom/

Exploit: Ransomware

MasMovil: Telecommunications

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.801 = Severe

Cybercrime gang REvil struck Spain’s fourth-largest telecom over the 4th of July weekend. The group claims to have “downloaded databases and other important data” belonging to the telecom giant, sharing screenshots apparently of the stolen MasMovil data that shows folders named Backup, RESELLERS, PARLEM and OCU.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: If client data was impacted, GDPR carries stiff penalties for customer data loss and those continue to climb.



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

 

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.




Automation Reduces Delays and Headaches 


Everyone dreads having something go wrong in IT. The process of filing tickets, looking for answers and tracking down personnel doesn’t improve your day. But there is an easier way to get the job done. By choosing security solutions that make the most of today’s smart automation technology you can save your employees time and headaches – and you won’t have to blow up your budget to do it.

Security automation is an essential tool for businesses that want to maximize every dollar that they spend on security. In a recent report by IBM and the Ponemon Institute, experts noted that security automation can save more than 80% of the cost of manual security. That’s a big chunk of change for a small investment.

In the same report, researchers uncovered another important piece of information: an estimated 80% of leading cyber-resilient organizations rely on security automation for all kinds of tasks. Why wait for a trouble ticket to resolve when you can just reset your password immediately using automation technology. Plus, smart solutions that utilize AI are constantly learning, reducing the need for maintenance.

Best of all, today’s automation technology isn’t expensive, allowing every business to access the benefits. Talk to your MSP about adding smart automation to your security plan.

Follow us on social media to find out about breach news, new blog posts, product updates, and other important news!

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.