Week in Breach 5/3/-5/9/23 | CloudSmart IT

Week in Breach 5/3/-5/9/23

Among other major breaches, a couple of crippling healthcare attacks took place this last week. One of them was right here in our own backyard unfortunately. This ransomeware attack has caused the local clinic to close for 2 WEEKS! Can your business afford that type of down time?
Find out on the CloudSmart IT Cybersecurity page some of the ways that you can improve your safe guards and schedule a free consultation to find out more about securing your business!

Murfreesboro Medical Clinic & SurgiCenter (MMC)

https://www.hipaajournal.com/ransomware-attack-results-shutdown-operations-tn-medical-clinic/

https://www.hipaajournal.com/ransomware-attack-results-shutdown-operations-tn-medical-clinic/

Exploit: Ransomware

Murfreesboro Medical Clinic & SurgiCenter (MMC): Healthcare Provider

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.622 = Extreme

The Murfreesboro Medical Clinic & SurgiCenter (MMC)in Tennessee has been forced to shut down operations for two weeks as the result of a devastating ransomware attack. The incident began on April 22, resulting in a complete shutdown of the facility’s systems to limit the spread of the attack.  Some individual offices within the system have reopened, but many major functions including a surgical center remain closed. MMC officials said that they have been working with cybersecurity experts and law enforcement to investigate the incident and determine the extent of the attack and restore full operations.

How It Could Affect Your Customers’ Business: a virtually complete closure for two weeks is a disaster for this medical group and the community it serves.


AvidXchange

https://techcrunch.com/2023/05/03/avidxchange-second-ransomware-attack-2023/

Exploit: Ransomware

AvidXchange: Payment Processor

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.762 = Severe

North Carolina-based payments company AvidXchange has disclosed that it is suffering its second ransomware incident of 2023. The RansomHouse ransomware gang has claimed responsibility for the attack and released the stolen data on its leak site. That data includes non-disclosure agreements, employee payroll information and corporate bank account numbers. The data that was published by RansomHouse also includes many user accounts’ login details, including usernames, passwords and, in some cases, answers to security questions for a variety of the company’s systems, including cloud accounts and security software, through to smart door locks and surveillance cameras. The company said that it detected the intrusion in early April.

How It Could Affect Your Customers’ Business: This type of financial data is extremely desirable on the dark web and valuable to bad actors, so it needs strong protection.

The City of Dallas, TX

https://www.securityweek.com/ransomware-attack-affects-dallas-police-court-websites/

Exploit: Ransomware

The City of Dallas, TX: Municipal Government

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.681 = Severe

A ransomware attack on the systems of the city government of Dallas, Texas impacted some systems last week. The attack shut down the Police Department and City Hall websites as well causing jury trials to be postponed in the Municipal Court. The computer-assisted dispatch system that is used to help firefighters respond to emergency calls was also knocked out, forcing first responders that utilize those systems to handle dispatch manually. The city said that the attack’s impact was limited and it’s working to restore affected systems. No word of any ransom demand and no one has claimed responsibility.

How It Could Affect Your Customers’ Business: Governments and government agencies of every size have been prime targets for ransomware attacks in the past few years.

Edison Learning

https://thejournal.com/articles/2023/05/01/ransomware-gang-claims-edison-learning-data-theft.aspx

Exploit: Ransomware

Edison Learning: Education Management Organization

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.719 = Moderate

The Royal ransomware gang says that it is responsible for a ransomware attack on public school and distance learning management company Edison Learning. The group added Edison Learning to its dark web data leak site on April 26. It claims to have stolen 20GB of the company’s data including personal information of employees and students. Edison Learning has confirmed the incident but refused to provide further details, saying that an investigation is ongoing.

How It Could Affect Your Customers’ Business: Because of the time-sensitive nature of their operations, schools are prime targets for ransomware attacks.

 

Constellation Software

https://www.bleepingcomputer.com/news/security/alphv-gang-claims-ransomware-attack-on-constellation-software/

Exploit: Ransomware

Constellation Software: Business Software Company

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.781 = Moderate

The ALPHV/BlackCat ransomware group successfully hit Ontario-based business software firm Constellation Software last week. The company has confirmed that some of its systems were breached by threat actors who also stole personal information and business data from a small number of systems related to internal financial reporting and related data storage. All systems have been restored. BlackCat listed Constellation on its leak site claiming to have nabbed 1 TB of data.

How it Could Affect Your Customers’ Business: Supply chain attacks like strikes on business service and technology providers have been escalating, elevating supply chain risk for businesses.



UK – The National Smallbore Rifle Association (NSRA)

https://www.infosecurity-magazine.com/news/gun-owners-targeted-rifle/

Exploit: Ransomware

The National Smallbore Rifle Association (NSRA): Sports Governing Body

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.866 = Moderate

The UK The National Smallbore Rifle Association (NSRA) is warning members that it experienced a hacking incident last week that may have exposed member data. In a statement, the association assured members that the attack hit legacy servers that contain working documents and its membership portal remains secure. However, the group said it cannot be sure who was impacted because it doesn’t have access to the breached servers, leading to reports concluding that this was a ransomware incident. NSRA said that it is working with the UK’s South East Regional Organised Cybercrime Unit (SEROCU) in the investigation.

How it Could Affect Your Customers’ Business: Information like this can be used by bad actors to mount spear phishing campaigns.

 

Australia – HWL Ebsworth

https://www.theguardian.com/technology/2023/may/02/australian-law-firm-hwl-ebsworth-hit-by-russian-linked-ransomware-attack

Exploit: Ransomware

HWL Ebsworth: Law Firm

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 1.883 = Severe

Australian commercial law firm HWL Ebsworth fell victim to a ransomware attack by the ALPHV/BlackCat ransomware group late last week. The bad actors claim to have snatched 4 TB of confidential company data. The group posted an assortment of data to their dark web leak site including employee CVs, IDs, financial reports, accounting data, client documentation, credit card information, and a complete network map.

How it Could Affect Your Customers’ Business: Law firms can hold some very valuable and sensitive data making them very attractive targets for bad actors.


Australia – Crown Princess Mary Cancer Centre

https://theconversation.com/a-cancer-centre-is-the-latest-victim-of-cyber-attacks-why-health-data-hacks-keep-happening-205131

Exploit: Ransomware

Crown Princess Mary Cancer Centre: Specialty Medical Clinic

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.786 = Moderate

Crown Princess Mary Cancer Centre in Westmead Hospital has disclosed that it has been the victim of a ransomware attack by the cybercrime group Medusa that has led to data exposure for patients. The group claims to have grabbed thousands of files, some containing sensitive patient data, and is threatening to expose them if not paid $100,000. The clinic has not confirmed what amount or types of data were stolen. NSW Health is investigating the incident in concert with authorities.

How it Could Affect Your Customers’ Business: Bad actors love to hit medical offices of all sizes hoping for a fast payment and lots of valuable data.



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.