Maximus
https://www.securityweek.com/up-to-11-million-people-hit-by-moveit-hack-at-government-services-firm-maximus/
Exploit: Hacking
Maximus: Government Services Company
Risk to Business: 1.734 = Extreme
Maximus, a service provider to several U.S. federal agencies including The Department of Health and Human Services (HHS) and the Centers for Medicare & Medicaid Services (CMS), has disclosed that it has been caught up in the MOVEit exploit net. In a filing with the U.S. Security and Exchange Commission (SEC), Maximus said that it discovered in May that its corporate network was affected by the MOVEit ransomware attack. The company determined that the attackers snatched files containing sensitive information including Social Security numbers belonging to between 8 million and 11 million individuals. The investigation into the incident is ongoing.
How It Could Affect Your Business : This zero-day exploit has been a gold mine for Cl0p and new companies are added to the victim list every day.
Southern Association of Independent Schools, Inc (SAIS)
https://www.websiteplanet.com/news/sais-breach-report/
Exploit: Misconfiguration
Southern Association of Independent Schools, Inc (SAIS): Accreditation Non-Profit
Risk to Business: 1.876 = Severe
Website Planet reported the discovery of a large unsecured database belonging to the Southern Association of Independent Schools, Inc (SAIS) that contains highly sensitive information. Researchers discovered a variety of data inside including multiple types of student and teacher records, health information, teacher background checks and Social Security numbers, active shooter and lockdown notifications, maps of schools, financial budgets, school cybersecurity plans and much more. Incredibly, the treasure trove also contained third-party security reports that exposed weaknesses in school security, locations of cameras, access and entry points, and more. These documents could pose a potentially serious real-world security risk to the safety of students and teachers. Once informed SAIS took action to resolve the problem.
How It Could Affect Your Business Education has been a top sector for ransomware attacks because it’s both time-sensitive and a great source of data.
Rite Aid
https://healthitsecurity.com/news/software-vulnerability-triggers-rite-aid-data-breach-24k-impacted
Exploit: Hacking
Rite Aid: Pharmacy Chain
Risk to Business: 1.612 = Severe
Rite Aid has revealed a data breach that impacts the personally identifiable information (PII) of an estimated 24,400 customers. The trouble began on May 31, 2023, when a vendor partner alerted Rite Aid about a vulnerability in their software. Unfortunately, it was too late, and Rite Aid discovered that the vulnerability had already been exploited by bad actors. Customers’ exposed PII includes a patient’s first and last names, dates of birth, addresses, prescription data like medication names and fill dates, prescriber information, and in some cases, limited insurance data such as the plan name and cardholder ID.
How It Could Affect Your Business : This breach will be very expensive for Rite Aid after investigation costs and regulatory penalties are added up.
Tempur Sealy
https://therecord.media/mattress-giant-tempur-sealy-cyberattack
Exploit: Hacking
Tempur Sealy: Mattress Manufacturer
Risk to Business: 1.349 = Moderate
No one’s sleeping easy at Tempur Sealy as the company contends with a cyberattack. The incident began on July 23 and the company said it was forced to shut down its IT systems and implement its business continuity plan. In a filing to the U.S. Securities and Exchange Commission, Tempur Sealy said that the company’s operations had been hindered, but did not specify the extent. Although this looks like a ransomware attack, no ransomware group has claimed responsibility. The company said that it has contracted with an outside cybersecurity specialist in the investigation as well as law enforcement.
How It Could Affect Your Business : Even one small cyberattack can be a big problem that brings big bills for any business.
Pacific Premier Bancorp
https://www.reuters.com/technology/pacific-premier-says-vendor-hit-by-moveit-data-breach-2023-07-25/
Exploit: Supply Chain Attack
Pacific Premier Bancorp: Bank
Risk to Business: 1.637 = Severe
California-based Pacific Premier Bancorp is the latest financial institution to become ensnared in the MOVEit exploit storm. In a filing with the U.S. Securities and Exchange Commission, the bank disclosed that customers’ sensitive data had been stolen in an attack on one of the bank’s vendors. The data snatched includes customers’ names, Social Security numbers, account numbers and other unspecified personally identifiable information. Impacted customers will be informed by mail. The bank did not specify how many customers had data exposed, saying that their investigation is ongoing.
How it Could Affect Your Business : Supply chain risk is constantly growing for businesses as bad actors ramp up strategic attack pressure.
Canada – CardioComm
https://www.securityweek.com/cardiocomm-takes-systems-offline-following-cyberattack/
Exploit: Hacking
CardioComm: Medical Technology Company
Risk to Business: 1.766 = Severe
CardioComm a Canadian heart monitoring and medical electrocardiogram solutions provider announced that it has taken systems offline following a cyberattack. The company admitted that the attack has impacted its production server environments and will have an impact on its business operations. Visitors to the company’s website are informed that CardioComm services are currently offline. CardioComm said that it does not believe that customer health information was compromised in the attack, noting that it does not collect that data.
How it Could Affect Your Business : Even if they don’t steal any data, the bad guys can cause trouble with disruptive cyberattacks.
Yamaha Canada Music
https://www.scmagazine.com/brief/cyberattack-claimed-by-ransomware-gangs-disclosed-by-yamaha-canada-music
Exploit: Ransomware
Yamaha Canada Music: Musical Instrument Company
Risk to Business: 1.707 = Severe
Canadian musical instrument maker Yamaha Canada Music has disclosed that it has been the victim of a ransomware attack. In an interesting twist, just like some of last week’s attacks, this one also features more than one ransomware group claiming responsibility, this time BlackByte and Akira. BlackByte included Yamaha Canada on its list of victims on June 14 before the company was added by Akira ransomware on its leak site on July 21. The company admitted that the personal data of some of its employees had been compromised but did not offer specifics. The incident is under investigation.
How it Could Affect Your Business : Employee data is just as useful and profitable for bad actors as consumer data.
Scotland – University of Western Scotland (UWS)
https://www.computerweekly.com/news/366546112/Scottish-university-hit-by-Rhysida-ransomware-gang
Exploit: Ransomware
University of Western Scotland (UWS): Institution of Higher Learning
Risk to Business: 1.413 = Moderate
Data purportedly stolen from the University of Western Scotland (UWS) has made its way to the dark web courtesy of the up-and-coming Rhysida ransomware gang. The group is demanding over $450k to not expose any more data or sell the lot in the next few days. UWS’ trouble began in early July when the cyberattack caused a brief period of downtime across some of UWS’s key systems, including its public-facing website. The attackers claim that the data they have includes the personal details of staff members, including financial and National Insurance data, and a number of internal university documents. The university is working with Police Scotland and the National Cyber Security Centre (NCSC) in the investigation.
How it Could Affect Your Business : The sum requested is outrageous, but fledgling ransomware groups often do things like that to make a name for themselves.