The Week in Breach News: 02/02/22 – 02/08/22 | CloudSmart IT


Cybercriminals take a bite out of a UK snack company, a massive ransomware attack hampers fuel operations at EU ports, more DeFi hacks and why you should be worried about cryptocurrency risk.



Morley Companies Inc. 

https://www.safetydetectives.com/news/business-services-provider-morley-discloses-ransomware-attack/

Exploit: Ransomware

Morley Companies Inc.: Business Services 

Risk to Business: 1.507 = Severe

Morley Companies, a business service provider to several Fortune 500 companies, announced that it had been hit with a ransomware attack that may have exposed sensitive information for more than 500,000 people. In a statement, the company said that “a ransomware-type malware had prevented access to some data files on our system beginning August 1, 2021, and there was an unauthorized access to some files that contained personal information,” and it attributed the delay in notifying possible victims of this exposure to the complexities of the incident investigation.

Individual Risk: 1.663 = Severe

Morley Companies said the attack affected the information of “current employees, former employees and various clients.” The potentially compromised information includes names, addresses, Social Security numbers, dates of birth, client identification numbers, medical diagnostic and treatment information and health insurance information. The company is offering credit monitoring and identity theft protection for victims.

Customers Impacted: 500,000

How It Could Affect Your Customers’ Business: Companies that store large quantities of personal or medical information are prime targets for the bad guys.


Civicom, Inc.

https://abcnews.go.com/International/wireStory/official-puerto-ricos-senate-targeted-cyberattack-82495236

Exploit: Misconfiguration

Civicom Inc.: Business Services

Risk to Business: 2.017 = Severe

Civicom is in hot water after leaving 8 TB of data exposed in an unsecured AWS S3 bucket. The New York-based company, which has offices in the United States, the Philippines and the United Kingdom, specializes in virtual conferencing facilitation, transcription and research services. Ultimately, Civicom exposed records containing more than 100,000 files, including thousands of hours of audio and video recordings containing private conversations as well as written transcripts of meetings and calls by the company’s clients.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: This is not an uncommon mistake, but it’s always a problem and could be an expensive regulatory disaster in some industries.


Wormhole

https://indianexpress.com/article/technology/crypto/hackers-steal-nearly-320-million-worth-of-crypto-assets-from-wormhole-7758034/

Exploit: Hacking

Wormhole: DeFi Platform

Risk to Business: 1.227 = Extreme

Hackers swooped in and snatched up more than $320 million from DeFi platform Wormhole this week. The platform, a bridge between cryptocurrency Solana (SOL) and other blockchains, was exploited for approximately 120,000 wrapped Ethereum in what is thought to be the second-largest cryptocurrency hack to date. Wormhole’s parent company Jump Crypto pledged to replace the 120,000 ether Wormhole lost. The company was quick to note that the crypto was stolen by exploiting a vulnerability in the platform, not taken from an Ethereum address, and that it was taken in 3 separate transactions.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: DeFi has been a hotbed of hacking activity as cybercriminals seek quick scores of cryptocurrency, and there’s no end to the danger in sight.

 


News Corp. 

https://www.reuters.com/business/media-telecom/news-corp-says-one-its-network-systems-targeted-by-cyberattack-2022-02-04/ 

Exploit: Nation-State Cybercrime

News Corp.: Media & Publishing Company 

Risk to Business: 2.071 = Severe

Major media company News Corp. has disclosed that it was the target of a cyberattack by suspected Chinese nation-state hackers. The attack came to light in late January and affected News Corp. business units, including The Wall Street Journal and its parent company Dow Jones, the New York Post, News U.K. and News Corp. headquarters. The hack affected emails and documents of what the company described as a limited number of employees, including journalists. The incident is under investigation.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Organizations should keep in mind the fact that the preferred weapon of nation-state cybercriminals is ransomware.

 




United Kingdom – KP Snacks

https://www.reuters.com/technology/hackers-hold-hula-hoops-hostage-cyber-raid-britains-kp-snacks-2022-02-03/ 

Exploit: Ransomware

KP Snacks: Food Manufacturer 

Risk to Business: 1.321 = Extreme

Food company KP Snacks, manufacturer of beloved British snacks like Hula Hoops, KP Nuts, Butterkist popcorn and Nik Naks, was hit with a ransomware attack in late January that may impact its production. Conti ransomware operators have claimed responsibility. The company informed retailers in early February that the attack had impacted its manufacturing and distribution, and that product shortages may continue into March.

Individual Risk: 1.304 = Extreme

Researchers discovered samples of some of the data the Conti group had exfiltrated on its dark web leak page, including confidential employee data such as home addresses and phone numbers, employment contracts, credit card statements and even birth certificates.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware attacks against manufacturing targets have become increasingly prominent as cybercriminals look for a quick payday from businesses that they shut down.

 


United Kingdom – British Council

https://portswigger.net/daily-swig/british-council-data-breach-leaks-10-000-student-records

Exploit: Misconfiguration

British Council: Cultural Promotion & Language Testing

Risk to Business: 2.919 = Moderate

British Council, the global organization for promoting British culture and administrator of the International English Language Testing System (IELTS) exam, leaked over 144,000 files containing student records due to an unsecured Microsoft Azure blob. Researchers determined that the blob contained the personal information of hundreds of thousands of British Council English course learners and students from around the world. The group points to a contractor as the culprit for the leak.

Risk to Business: 2.906 = Moderate

Exposed data includes a student’s full name, email address, student ID, student status, enrollment dates, duration of study and other information.  

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cybercriminals have been having a field day going after education-related targets, a problem that is only growing worse.


Germany – Oiltanking

https://www.cyberscoop.com/major-german-fuel-storage-provider-hit-with-cyberattack-working-under-limited-operations/

Exploit: Ransomware

Oiltanking: Fuel Storage

Risk to Business: 1.313 = Extreme

A ransomware attack has impacted German fuel tanking company Oiltanking. Starting on January 29th, the company was ensnared in a massive ransomware attack that has disrupted operations at 17 European oil terminals, including the busy Amsterdam-Rotterdam-Antwerp refining hub. Other European companies are also involved, including German oil trade company Mabanaft, SEA-Invest in Belgium and Evos in the Netherlands. The attack appears to have had the most impact on the processing, loading and unloading of cargoes. BlackCat ransomware is thought to be behind the incident.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Infrastructure and utility attacks have become much more common – Utilities/Infrastructure was one of the top 3 industries for ransomware attacks in 2021.

 


Sweden – Securitas 

https://www.zdnet.com/article/unsecured-aws-server-exposed-airport-employee-records-3tb-in-data/

Exploit: Misconfiguration

Securitas: Security Company 

Risk to Business: 1.2011 = Severe

Researchers have discovered an unsecured AWS S3 bucket belonging to security company Securitas that left data exposed for airport employees in Colombia and Peru at four airports: El Dorado International Airport (COL), Alfonso Bonilla Aragón International Airport (COL), José María Córdova International Airport (COL), and Aeropuerto Internacional Jorge Chávez (PE). In addition to the exposed employee data, researchers also found photographs of airline employees, planes, fuel lines, and luggage handling in the bucket.

Individual Risk: 1.992 = Severe

The exposed records include ID card photos, names, photos, occupations, and national ID numbers for Securitas and airport employees.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Information is a currency on the dark web and cybercriminals are always hungry for more, especially personal and financial data.



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
