This week: Two big ransomware hits on healthcare targets, and a major banking equipment company is attacked.
There is always trouble lurking in the cyber world you have to practices and also get help from IT professionals to help keep you safe. Here at CloudSmart IT, we strive to implement best practices and have tools to help keep you safe even if a user “slips up”. Check out how we can help protect your business here: CloudSmart IT Cybersecurity Solutions.
Ampersand
https://therecord.media/ampersand-television-advertising-sales-company-ransomware
Exploit: Ransomware
Ampersand: Analytics Agency
Risk to Business: 2.403 = Moderate
Television advertising giant Ampersand has admitted that it has become the victim of a cyberattack. The Black Basta ransomware has claimed responsibility. Ampersand provides viewership data about an estimated 85 million households to advertisers. The company said that it experienced a ransomware incident that briefly interrupted regular operations last week. No word on what if any data was stolen or any ransom demand.
How It Could Affect Your Customers’ Business: Companies like this often hold large quantities of valuable data making them attractive targets.
AIDS Alabama
https://thecyberexpress.com/aids-alabama-data-breach-update/
Exploit: Ransomware
AIDS Alabama: Non-Profit
Risk to Business: 1.211 = Extreme
Charity AIDS Alabama has disclosed that the organization has experienced a data breach of some very sensitive data. AIDA Alabama said that the breach occurred between October 11, 2021, and August 9, 2022. The exposed data includes sensitive personal information, including names, addresses, Social Security numbers, medical diagnoses, healthcare providers, health insurance details, email addresses and services received.
How It Could Affect Your Customers’ Business: Organizations that hold this kind of highly sensitive medical data need to put especially strong protection in place.
Orange County District Attorney
https://voiceofoc.org/2023/10/orange-county-district-attorney-hit-with-cyberattack/
Exploit: Hacking
Orange County District Attorney: Government Agency
Risk to Business: 1.873 = Moderate
The Orange County, California District Attorney’s Office has disclosed that it has been the victim of a cyberattack. A spokesperson for the office said that the office’s IT systems were hacked last weekend, resulting in portions of the system being shut down to limit damage. The agency’s ability to send and receive email was affected. The agency also said that it is investigating the incident in concert with the U.S. Federal Bureau of Investigation. The spokesperson was unable to comment on whether or not this was a ransomware attack, or if any data was stolen. The Orange County Sheriff’s Department said that it had severed its connection with the DA’s office to minimize its cyber risk after it was informed of the hack.
How It Could Affect Your Customers’ Business: Government agencies have been prime targets for bad actors looking for a quick payday.
Quality Service Installation (QSI)
https://thecyberexpress.com/blackcat-claims-qsi-banking-cyberattack/
https://securityaffairs.com/152486/cyber-crime/alphv-ransomware-morrison-community-hospital.html
Exploit: Ransomware
Quality Service Installation (QSI): Bank Equipment Company
Risk to Business: 1.710 = Severe
The busy ALPHV/BlackCat ransomware group has also claimed responsibility for a ransomware attack on banking equipment provider Quality Service Installation (QSI). The company is a major supplier of NCR cash handling solutions including ATMs. The group says that it stole a wide variety of data including financial, client, personal and product-related data from the QSI INC cyberattack. They also claimed that they nabbed SQL base data amounting to 5TB in the October 14 incident.
How It Could Affect Your Customers’ Business: the data stolen in this incident could be very beneficial to other criminals.
Kwik Trip
Exploit: Hacking
Kwik Trip: Convenience Store Chain
Risk to Business: 1.673 = Severe
The convenience store chain Kwik Trip has finally admitted that it suffered a cyberattack that caused some operational disruption. The incident started two weeks ago, but the company claimed it was having a network problem and did not experience a cyberattack. However, customers were concerned that their data had been exposed. The company’s Kwik Rewards Program, support systems, phones and email were all knocked offline and are being restored.
How it Could Affect Your Customers’ Business: Consumers don’t like doing business with companies that put their data at risk.
Arietis Health
Exploit: Hacking
Arietis Health: Revenue Cycle Management Company
Risk to Business: 1.612 = Severe
Arietis Health is the latest victim of the MOVEit exploit. The medical billing company is informing its partners that they may have had their patients’ data stolen. The incident has impacted more than 1.9 million individuals across more than 50 healthcare organizations. A variety of patient data was exposed including names, driver’s license numbers, Social Security numbers, dates of birth, medical record numbers, patient account numbers, diagnosis and treatment information, health insurance information, and prescription and provider information.
How it Could Affect Your Customers’ Business: The MOVEit exploit spree has hit an estimated 1k businesses worldwide.
United Kingdom – Volex
https://therecord.media/manufacturing-giant-hit-with-cyberattack
Exploit: Hacking
Volex: Electronics Manufacturer
Risk to Business: 2.002 = Severe
UK-based electronics and cabling manufacturing company Volex said that it was hit by a cyberattack that impacted its IT systems. The company said that bad actors gained access to its network last week. Volex was quick to reassure customers that all of its worksites remain operational, with minimal disruption expected in its global production. The company also said that it has hired a third-party firm to investigate the incident.
How it Could Affect Your Customers’ Business: Manufacturers have been increasingly under fire from cybercrime groups
Taiwan – D-Link
https://thehackernews.com/2023/10/d-link-confirms-data-breach-employee.html
Exploit: Hacking
D-Link: Network Hardware Manufacturer
Risk to Business: 2.716 = Moderate
D-Link, a leading manufacturer of routers, has experienced a data breach. The company claims that the data was not from the cloud but likely originated from an old D-View 6 system. D-Link said that the data was used for registrations in 2015. D-Link was involved in another data breach incident just two weeks ago after bad actors posted samples of the source code for D-Link’s D-View network management software on a dark web forum.
How it Could Affect Your Customers’ Business: two data breaches in under a month is not a good look for any company.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.