Week in Breach 3/22/23-3/28/23 | CloudSmart IT

Week in Breach 3/22/23-3/28/23

This week: Multiple municipalities are compromised, and healthcare breaches expose patient data. Twitter takes another big security hit as well. The last year has not been good for the social media giant.

Check out how CloudSmart IT can help keep you safe from vulnerabilities that can cause such damage to organizations. Visit our cyber-security page to see our offerings and schedule a consultation.


 


The City of Oak Ridge, Tennessee

https://www.scmagazine.com/brief/ransomware/ransomware-attack-disrupts-tennessee-city

Exploit: Ransomware

The City of Oak Ridge, Tennessee: Municipal Government


Risk to Business: 1.702 = Severe

Officials in the City of Oak Ridge, TN, have disclosed that the city has been hit by a ransomware attack that has caused a network disruption that has impacted city services. Officials were quick to reassure citizens that the Oak Ridge Police Department and the city’s fire department could still be contacted through 911 and weren’t affected. However, the city was left unable to process utility payments due to the malware attack, noting that disconnect orders and late fees will not be added during the outage. Officials say that they are working to restore services as quickly as possible.

How It Could Affect Your Customers’ Business: Governments at every level continue to be popular targets for ransomware groups.


Puerto Rico Aqueduct and Sewer Authority (PRASA)

https://securityaffairs.com/144022/hacking/puerto-rico-aqueduct-and-sewer-authority-attack.html

Exploit: Ransomware

Puerto Rico Aqueduct and Sewer Authority (PRASA): Utility


Risk to Business: 2.711 = Moderate

The Vice Society ransomware group has claimed responsibility for a ransomware attack on the Puerto Rico Aqueduct and Sewer Authority (PRASA). Officials disclosed the attack on March 19, saying that threat actors had gained access to customer and employee information. People impacted are being informed by letter. Utility services were not affected.  

How It Could Affect Your Customers’ Business: 14 of 16 critical infrastructure sectors were hit by ransomware attacks last year.

 

Kroger Postal Prescription Services

https://www.jdsupra.com/legalnews/kroger-postal-prescription-services-4845634/

Exploit: Human Error

Kroger Postal Prescription Services: Pharmacy Delivery Service


Risk to Business: 1.706 = Severe

Kroger Postal Prescription Services (PPS) has filed a notice of a data breach. In a report to the Department of Health and Human Services, PPS noted that 82,466 Kroger customers who created online PPS accounts from July 2014 to Jan. 13, 2023, had their names and email addresses compromised due to an employee error. PPS said that on March 15, 2023, they sent out data breach letters to all individuals whose information was compromised.  

How It Could Affect Your Customers’ Business: Employee errors are a gateway to expensive, damaging data breaches and other cybersecurity problems, and training reduces them.

 

SundaySky Inc.

https://www.jdsupra.com/legalnews/sundaysky-inc-notifies-37-095-consumers-9885854/

Exploit: Hacking

SundaySky Inc.: Video Marketing Platform


Risk to Business: 1.623 = Severe

SundaySky Inc., a video marketing software company based in New York, has admitted that it suffered a data breach after hackers broke into a few of its servers. The company said that an unauthorized party had accessed its cloud-based U.S. servers and copied certain files between January 6 and January 8, 2023. SundaySky works with healthcare providers, including health plans, to create marketing videos. Consumer information was accessed in the incident, including consumers’ first names, personal email addresses and information related to their Healthcare Savings Accounts. The company said that it is working with federal law enforcement to investigate the incident.

How It Could Affect Your Customers’ Business: Companies that are adjacent to the healthcare industry need to maintain a strong security posture to avoid expensive disasters.

 

US Wellness

https://fox59.com/business/press-releases/cision/20230322SF49760/us-wellness-provides-notification-of-data-security-incident/

Exploit: Supply Chain Attack

US Wellness: Healthcare Provider


Risk to Business: 2.899 = Moderate

 Blue Cross Blue Shield of Arizona (BCBSAZ) members are being informed that their personal data may have been compromised in a data breach involving a vendor of BCBSAZ, US Wellness. In turn, US Wellness points to one of its vendors as the source of the data breach. US Wellness says that it was informed on January 31, 2023, that an unnamed vendor had experienced a data breach. Ultimately, US Wellness was informed on February 9, 2023, that the vendor’s incident resulted in the exposure of personal data belonging to BCBSAZ members. Information impacted includes a member’s name, address, date of birth, member ID number, where a service originated and address of the service location. 

How it Could Affect Your Customers’ Business: Supply chain risk, especially from service providers, is a top concern for businesses as it continues to grow.

 

Twitter

https://www.theverge.com/2023/3/27/23657928/twitter-source-code-leak-github

Exploit: Malicious Insider

Twitter: Social Media Platform


Risk to Business: 1.709 = Severe

Troubled social media giant Twitter has disclosed that some proprietary source code for Twitter’s platform and internal tools was exposed via GitHub. Twitter recently made a court filing in California to force GitHub to turn over data that could help the platform find the person responsible for the leak and give them information about any other GitHub users who may have downloaded the data. Twitter has also asked GitHub to take down the code. The New York Times reports that Twitter sources tell them that the company suspects that an employee who left the company last year may be responsible for the leak. GitHub has not commented on whether or not it would comply with Twitter’s request, but the information has apparently been available for several months. Twitter no longer has a press office to respond to inquiries, a casualty of the Elon Musk takeover.  

How it Could Affect Your Customers’ Business: Disgruntled employees are a huge security risk, and many take proprietary data with them when they leave a company.

 


 


The City of Toronto

https://www.bleepingcomputer.com/news/security/city-of-toronto-confirms-data-theft-clop-claims-responsibility/

Exploit: Supply Chain Attack

The City of Toronto: Municipal Government


Risk to Business: 1.836 = Severe

The Cl0p ransomware group has been on a cyberattack spree after turning its sights to exploiting a remote code execution flaw in Fortra’s GoAnywhere secure file transfer tool. The latest victim added to the list is the City of Toronto, Canada. The city confirmed on March 23, 2023, that it has experienced a data breach through an attack on a third-party vendor, resulting in the exposure of unspecified city data. The city says that it is in the early stages of its investigation, and it has not yet uncovered evidence that consumer data was impacted. Over 100 organizations have been hit by Cl0p in this crime wave including two others recently added to the gang’s dark web leak site, Virgin Red and the UK’s Pension Protection Fund (PPF).  

How it Could Affect Your Customers’ Business: Once a bad actor finds a juicy exploit, they’ll hammer at it until it stops working. Patching and regular maintenance can help reduce risk.

 


UK – Walsall Healthcare NHS Trust

https://www.birminghammail.co.uk/black-country/walsall-healthcare-nhs-trust-dealing-26542780

Exploit: Hacking

The Walsall Healthcare NHS Trust: Healthcare Provider


Risk to Business: 2.733 = Moderate

The Walsall Healthcare NHS Trust, the operator of Walsall Manor Hospital, said that it has been hit by a cyberattack. The incident began two weeks ago on March 10, although it was only made public last Thursday, and it has since been contained. Hospital operations did not appear to be impacted. Signs point to a data breach, but exactly what data has been stolen was not specified. Hospital officials said that they are working with the U.K.’s National Cyber Security Centre and the Information Commissioner’s Office (ICO) to investigate the incident.

How it Could Affect Your Customers’ Business: This hospital got lucky; bad actors have been pounding hospitals with ransomware.

 

Alliance Healthcare

https://www.scmagazine.com/news/incident-response/cyberattack-hits-spanish-pharmaceutical-company-alliance-healthcare

Exploit: Ransomware 

Alliance Healthcare: Pharmaceutical Company 


Risk to Business: 1.733 = Severe

Spain’s leading pharmaceutical company, Alliance Healthcare, has experienced a likely ransomware attack. The company said that the attack began on March 17 and led to a complete shutdown of the company’s website, billing systems and ordering processes. The incident has led to drug supply shortages due to the snarled ordering and shipping systems as pharmacies scramble to resupply from other drug companies. Those delays and outages may linger. The incident remains under investigation. 

How it Could Affect Your Customers’ Business: Pharmaceutical companies have two major cyberattack risk factors: they’re suppliers and in the hard-hit healthcare sector.

 

 


Guam – Docomo Pacific

https://www.telecomlead.com/telecom-services/docomo-pacific-says-cyber-attack-impacted-systems-109533

Exploit: Hacking 

Docomo Pacific: Telecommunications Provider 


Risk to Business: 1.733 = Severe

Docomo Pacific, a major provider of mobile, television, internet and telephone services in Guam and the Northern Mariana Islands, has experienced a cyberattack that has negatively impacted its systems. The company disclosed that the March 18, 2023 attack led to customers throughout the region losing some of their services. The company stressed that customer data, mobile network services and fiber services remain unaffected. Some services were restored over the weekend, but the company has not offered a timeline for other services being restored after a Facebook post with a service restoration update was inundated with comments from angry customers.  

How it Could Affect Your Customers’ Business: Communications companies are infrastructure targets too, an attractive proposition for bad actors because of the time-sensitive nature of their business.

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
