The Week in Breach News: 04/27/22 – 05/03/22 | CloudSmart IT

The Week in Breach News: 04/27/22 – 05/03/22

May the 4th be with you as you fight the good fight against cybercrime! This week, we’ll look at two attacks by the new ransomware group Black Basta. 



American Dental Association 

https://www.bleepingcomputer.com/news/security/american-dental-association-hit-by-new-black-basta-ransomware/

Exploit: Ransomware

American Dental Association: Professional Organization

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.802 = Severe

The American Dental Association (ADA) was hit by a ransomware attack, allegedly conducted by new ransomware group Black Basta. The attack disrupted various online services, telephones, email, and webchat. Outage at the ADA website has caused some online services to be inaccessible, including the ADA Store, the ADA Catalog, MyADA, Meeting Registration, Dues pages, ADA CE Online, the ADA Credentialing Service and the ADA Practice Transitions.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: The healthcare sector has been under siege from cybercriminals and the pressure isn’t letting up anytime soon.


The Coca-Cola Company

https://www.dailymail.co.uk/news/article-10755629/Coca-Cola-investigating-reports-data-breach-claim-Stormous-ransomware-group-stole-data.html

Exploit: Ransomware

The Coca-Cola Company: Beverage Manufacturer & Distributor

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.804 = Moderate

The new ransomware group Stormous claims they’ve pulled off a ransomware attack against The Coca-Cola Company, claiming that it snatched 161 gigabytes of data. The hacking group has been linked with Russian nationalist cybercrime following its public statement vowing to take action against companies that pulled out of Russia in the wake of Russia’s invasion of Ukraine. Financial data, passwords and commercial account records are said to be among the stolen data. Coca-Cola says that it is investigating the matter.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business ransomware can have a negative impact on a business even if it doesn’t shut down operations.


ARcare

https://portswigger.net/daily-swig/data-breach-at-us-healthcare-provider-arcare-impacts-345-000-individuals 

Exploit: Hacking

ARcare: Medical Clinics

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.711 = Severe

 ARcare, a medical services company that operates clinics for underserved communities in Arkansas, Kentucky and Mississippi, disclosed a data breach impacting an estimated 345,000 patients in a filing with The U.S. Department of Health and Human Services (HSS). After a disruptive incident on February 24, 2022, an investigation turned up the unwelcome news that a malicious hacker had access to ARcare’s network over a five-week period between January 18 and February 24.  

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.814 = Severe

Potentially exposed patient data includes names, Social Security numbers, drivers’ license or state identification numbers, dates of birth, financial account information, medical treatment information, prescription information, medical diagnosis or condition information and health insurance information.  

How It Could Affect Your Customers’ Business: This is going to be a very expensive problem once regulators get finished with it.



Costa Rica – Junta Administrativa del Servicio Eléctrico de Cartago (JASEC)

https://therecord.media/conti-ransomware-cripples-systems-of-electricity-manager-in-costa-rican-town/

Exploit: Ransomware

Junta Administrativa del Servicio Eléctrico de Cartago (JASEC): Power Company

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.626 = Severe

Conti ransomware is to blame for continued trouble in Costa Rica’s public sector. After crippling several federal departments last week, the group has not snarled operations at Junta Administrativa del Servicio Eléctrico de Cartago (JASEC), electricity manager for the city of Cartago, population 160,000. Officials said that the attack has encrypted the servers used to manage the organization’s website, e-mail, administrative collection systems and more, rendering customers unable to pay for electricity and internet bills.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Infrastructure targets have had increasing trouble in the past 12 months, with the FBI reporting ransomware attacks in 14 of 16 infrastrucure sectors.


Trinidad and Tobago – Massy Stores

https://guardian.co.tt/news/massy-stores-cyber-attack-responsible-fortechnical-difficulties-6.2.1486007.5cbe53a1ba

Exploit: Hacking

Massy Stores: Supermarket Chain

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.311 = Extreme

The biggest supermarket chain in Trinidad, Massy Stores, was forced to temporarily suspend operations over the weekend after a cyberattack took out key systems, including cash registers. Surepay and Moneygram services were also impacted. The company says that no customer or employee data was stolen. Some stores have resumed operations, and the incident is under investigation.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Retailers have been getting hammered by cyberattacks coming in at 3rd on the list of industries most hit by ransomware attacks.

 



UK – The General Council of the Bar (GCB)

https://www.lawgazette.co.uk/news/bar-left-reeling-from-malicious-cyber-attack/5112298.article 

Exploit: Hacking

The General Council of the Bar (GCB): Regulatory Body

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.909-Severe

The General Council of the Bar (GCB) notified users of its website that it has been the victim of a cyberattack. GCB comprises the representative Bar Council and regulator Bar Standards Board. The attack has rendered several systems temporarily inaccessible including MyBar. The body’s statement notes that Authorisation to Practise and Court ID cards have both been extended due to this technical difficulty. The incident has been reported to ICO, National Cyber Security Centre and the Police. 

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business In a challenging economy, no government can afford this kind of incident or the associated bills.


Germany – Deutsche Windtechnik

https://therecord.media/german-wind-farm-operator-confirms-cybersecurity-incident-after-ransomware-group/ 

Exploit: Ransomware

Deutsche Windtechnik: Power Company 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.096 = Severe

German wind farm operator Deutsche Windtechnik has disclosed that it was the victim of a ransomware attack. The Black Basta group is thought to be behind the attack after the company’s data appeared on its leak site. The attack took place April 11-12, 2022.  Deutsche Windtechnik noted that after shutting off systems for safety, they were able to reactivate the remote data monitoring connections to their wind turbines within a day or two. The incident was reported to the German Federal Office for Information Security (BSI). 

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business This is the latest in a long string of strikes against energy sector targets in Germany.


Russia – Petersburg Social Commercial Bank

https://securityaffairs.co/wordpress/130726/cyber-warfare-2/anonymous-hack-russian-companies.html

Exploit: Nation-State Hacking (Hacktivism)

Tender

Petersburg Social Commercial Bank: Financial Institution 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.976 = Severe

Anonymous has not let up on hacking aimed at Russian targets. This week, the group published accounts of several more successful operations by its affiliates, including an operation against Petersburg Social Commercial bank, a major Russian bank. The group claimed vis DDoSecrets to have snatched 542 GB of data containing 229,000 emails and 630,000 files from the bank. Anonymous also announced successful forays against Elektrocentromontazh and ALET. 

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Nation-state cybercrime can impact businesses outside the government or military sphere quickly when risk continues to ripple.



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.