Week in Breach 5/17/-5/23/23 | CloudSmart IT

Week in Breach 5/17/-5/23/23

This week: Ransomware snarls operations at two tech companies, a bank in Indonesia gets caught trying to gloss over a ransomware attack, a big breach at a medical debt collector and a look at the over 30% rise in business email compromise attacks.

Credit Control Corporation

https://www.hackread.com/credit-control-corporation-data-breach/

Exploit: Hacking

Credit Control Corporation: Debt Collector

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.281 = Extreme

Credit Control Corporation (CCC), a Virginia-based debt collection company that primarily handles medical debt, has admitted that it suffered a data breach in March 2023 that resulted in the exposure of personal information for 286,699 people. The company told the Maine Attorney General’s Office that an unauthorized party gained access to its network between March 2 and March 7, 2023, and illegally copied some files. The unauthorized party stole data including consumers’ names, addresses, and Social Security numbers as well as data related to the individual’s accounts with CCC business partners, such as account numbers, account balances and dates of service. CCC says it is working with law enforcement to resolve the investigation.

How It Could Affect Your Customers’ Business: This will be an expensive nightmare for CCC to endure with the combination of medical and financial data stolen.

 

ScanSource

https://www.bleepingcomputer.com/news/security/scansource-says-ransomware-attack-behind-multi-day-outages/

Exploit: Ransomware

ScanSource: Technology Company

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.592 = Severe

U.S.-based SaaS connectivity and network communications provider ScanSource says that it has been the victim of a ransomware attack that has impacted its systems, business operations and customer-facing portals. ScanSource confirmed that the attack hit on May 14, taking down customer portals and websites. The company warns that there will be delays in the provision of services to customers in North America and Brazil. ScanSource also said that it has enlisted the help of a third-party forensics firm and law enforcement in its investigation. No group had claimed responsibility at press time.

How It Could Affect Your Customers’ Business: Technology companies are often service providers, making them attractive targets that can offer both profit and access to other businesses.

 

The Illinois Department of Healthcare and Family Services (HFS)

https://www.countryherald.com/news/local/illinois-data-breach-exposes-private-information-of-medicaid-snap-and-tanf-recipients/

Exploit: Hacking

The Illinois Department of Healthcare and Family Services (HFS): Regional Government Agency

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.769 = Moderate

The Illinois Department of Healthcare and Family Services (HFS) has disclosed that it has experienced a data breach that has exposed data for residents. HFS said that the data breach occurred in the State of Illinois Application for Benefits Eligibility (ABE) system’s Manage My Case (MMC) portal, a system also used by the Illinois Department of Human Services (IDHS). The ABE system is used to determine the eligibility of applicants for medical and poverty relief programs including Medicaid, the Supplemental Nutrition Assistance Program (SNAP) and Temporary Assistance for Needy Families (TANF). The agency said that the exposed data includes names, social security numbers, recipient identification numbers, addresses, phone numbers and income information for program applicants.  

How It Could Affect Your Customers’ Business: Hackers favor government agencies and systems because they tend to hold a wide variety of data in large quantities.

 

Uintah Basin Healthcare

https://www.bankinfosecurity.com/uintah-basin-healthcare-data-breach-affects-over-100000-a-22066

Exploit: Hacking

Uintah Basin Healthcare: Health System

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.719 = Severe

Utah’s Uintah Basin Healthcare has disclosed that a data breach has led to the exposure of data for some 100,000 patients who have been treated within the system in the last 10 years. Uintah Basin Healthcare began notifying patients last week that it experienced unusual activity on its network in November 2022 that resulted in data exposure for 103,974 patients treated between March 2012 and November 2022. The rural health system said that the stolen data includes clinical information, diagnoses, medications and test results.

How It Could Affect Your Customers’ Business: This will be a punishingly expensive problem for this small rural health system to handle.

 


France – La Malle Postale

https://securityaffairs.com/146191/data-breach/personal-info-of-90k-hikers-leaked-by-french-tourism-company-la-malle-postale.html

Exploit: Misconfiguration

La Malle Postale: Transportation Service

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.781 = Moderate

A data leak on La Malle Postale’s system has exposed the personal data of an estimated 90K of their clients. A research team reported uncovering a publicly accessible database with more than 4GB of personal data belonging to the company’s clients, including more than 13,000 SMS messages sent between the company and its customers. The leaked personal data included the names, emails and phone numbers of nearly 90K customers along with lightly secured passwords and employee credentials. The company appears to have since secured the data.

How it Could Affect Your Customers’ Business: Failure to properly secure data can be just as costly to handle as having data stolen.


France – Lacroix

https://www.infosecurity-magazine.com/news/lacroix-shuts-three-factories-week/

Exploit: Ransomware

Lacroix: Electronics Manufacturer

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.866 = Moderate

French electronics manufacturer Lacroix said that it has experienced a cyber-attack on its operations at sites in France, Germany and Tunisia. The company said that it was forced to temporarily shut down several online systems to contain the attack and assess the damage. Lacroix said that it is implementing backups and conducting analysis to identify any exfiltrated data. Based on reports of the attack encrypting some local infrastructure at Lacroix’s sites along with data exfiltration, experts say this is likely a ransomware attack. Lacroix is expected to resume full operations at the shut down sites this week and the company said that it does not anticipate any significant impact on the overall performance projected for the group in 2023. 

How it Could Affect Your Customers’ Business: Manufacturers are prime targets for ransomware because of the time-sensitive nature of their business.


Latvia – airBaltic

https://www.bleepingcomputer.com/news/security/airline-exposes-passenger-info-to-others-due-to-a-technical-error/

Exploit: Internal Error

airBaltic: Airline

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 1.883 = Severe

Latvia’s airBaltic has begun informing customers that they may have had personal data exposed after an internal error led to some customers being sent other customers’ flight information erroneously. The airline said that only “a small number” of customers had data exposed. That exposed information may have included the passengers’ full names, birth dates, itinerary and email addresses. airBaltic was quick to reassure customers that no financial or payment data was involved. However, the PNR/reservation number for the impacted passengers was exposed and that could allow the recipient to make changes to the itinerary. The airline said that it will change the number for any customer who requests it.

How it Could Affect Your Customers’ Business: A mistake like this doesn’t look good to customers who are concerned about the security of their personal data.

 


Indonesia – Bank Syariah Indonesia

https://www.bankinfosecurity.com/lockbit-leaks-15tb-data-stolen-from-indonesias-bsi-bank-a-22110

Exploit: Ransomware

Bank Syariah Indonesia: Bank

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.386 = Extreme

The LockBit ransomware group has published 1.5TB of data that it claims to have snatched from Indonesia’s largest Islamic bank, Bank Syariah Indonesia. The published records include the personal and financial information of about 15 million of the state-owned bank’s customers and employees. Up until now, the bank had claimed that widespread service outages in the last few weeks were the result of maintenance, but it was forced to admit that the problems were actually the result of a cyberattack. Bank Indonesia, the country’s central bank, said last Thursday that it had helped Bank Syariah Indonesia restore its real-time gross settlement, national clearing system and Bank Indonesia Fast Payment services. ATMs and bank branch services became available last week. Screenshots of ransom negotiations released by LockBit show that the bank dangled the possibility that it would pay the gang $10 million to recover its stolen data, but LockBit demanded $20 million before the negotiations broke off.

How it Could Affect Your Customers’ Business: The financial services sector has been the hardest hit by ransomware gangs in the last few years.

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.