Week in Breach 10/18-10/24/23 | CloudSmart IT

Week in Breach 10/18-10/24/23

This week: Two big ransomware hits on healthcare targets, and a major banking equipment company is attacked.
There is always trouble lurking in the cyber world you have to practices and also get help from IT professionals to help keep you safe. Here at CloudSmart IT, we strive to implement best practices and have tools to help keep you safe even if a user “slips up”. Check out how we can help protect your business here: CloudSmart IT Cybersecurity Solutions



Exploit: Ransomware

Ampersand: Analytics Agency

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.403 = Moderate

Television advertising giant Ampersand has admitted that it has become the victim of a cyberattack. The Black Basta ransomware has claimed responsibility. Ampersand provides viewership data about an estimated 85 million households to advertisers. The company said that it experienced a ransomware incident that briefly interrupted regular operations last week. No word on what if any data was stolen or any ransom demand. 

How It Could Affect Your Customers’ Business: Companies like this often hold large quantities of valuable data making them attractive targets.


AIDS Alabama


Exploit: Ransomware

AIDS Alabama: Non-Profit 

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.211 = Extreme

Charity AIDS Alabama has disclosed that the organization has experienced a data breach of some very sensitive data. AIDA Alabama said that the breach occurred between October 11, 2021, and August 9, 2022. The exposed data includes sensitive personal information, including names, addresses, Social Security numbers, medical diagnoses, healthcare providers, health insurance details, email addresses and services received.  

How It Could Affect Your Customers’ Business: Organizations that hold this kind of highly sensitive medical data need to put especially strong protection in place.

Orange County District Attorney


Exploit: Hacking

Orange County District Attorney: Government Agency

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 1.873 = Moderate

The Orange County, California District Attorney’s Office has disclosed that it has been the victim of a cyberattack. A spokesperson for the office said that the office’s IT systems were hacked last weekend, resulting in portions of the system being shut down to limit damage. The agency’s ability to send and receive email was affected. The agency also said that it is investigating the incident in concert with the U.S. Federal Bureau of Investigation. The spokesperson was unable to comment on whether or not this was a ransomware attack, or if any data was stolen. The Orange County Sheriff’s Department said that it had severed its connection with the DA’s office to minimize its cyber risk after it was informed of the hack.  

How It Could Affect Your Customers’ Business: Government agencies have been prime targets for bad actors looking for a quick payday.


Quality Service Installation (QSI)



Exploit: Ransomware

Quality Service Installation (QSI): Bank Equipment Company

1.51 – 2.49 = Severe Risk

Risk to Business: 1.710 = Severe

The busy ALPHV/BlackCat ransomware group has also claimed responsibility for a ransomware attack on banking equipment provider Quality Service Installation (QSI). The company is a major supplier of NCR cash handling solutions including ATMs. The group says that it stole a wide variety of data including financial, client, personal and product-related data from the QSI INC cyberattack. They also claimed that they nabbed SQL base data amounting to 5TB in the October 14 incident.

How It Could Affect Your Customers’ Business: the data stolen in this incident could be very beneficial to other criminals.


Kwik Trip


Exploit: Hacking

Kwik Trip: Convenience Store Chain

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.673 = Severe

The convenience store chain Kwik Trip has finally admitted that it suffered a cyberattack that caused some operational disruption. The incident started two weeks ago, but the company claimed it was having a network problem and did not experience a cyberattack. However, customers were concerned that their data had been exposed. The company’s Kwik Rewards Program, support systems, phones and email were all knocked offline and are being restored.  

How it Could Affect Your Customers’ Business: Consumers don’t like doing business with companies that put their data at risk.


Arietis Health


Exploit: Hacking

Arietis Health: Revenue Cycle Management Company

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.612 = Severe

Arietis Health is the latest victim of the MOVEit exploit. The medical billing company is informing its partners that they may have had their patients’ data stolen. The incident has impacted more than 1.9 million individuals across more than 50 healthcare organizations. A variety of patient data was exposed including names, driver’s license numbers, Social Security numbers, dates of birth, medical record numbers, patient account numbers, diagnosis and treatment information, health insurance information, and prescription and provider information. 

How it Could Affect Your Customers’ Business: The MOVEit exploit spree has hit an estimated 1k businesses worldwide.



United Kingdom – Volex 


Exploit: Hacking

Volex: Electronics Manufacturer 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.002 = Severe

UK-based electronics and cabling manufacturing company Volex said that it was hit by a cyberattack that impacted its IT systems. The company said that bad actors gained access to its network last week. Volex was quick to reassure customers that all of its worksites remain operational, with minimal disruption expected in its global production. The company also said that it has hired a third-party firm to investigate the incident.  

How it Could Affect Your Customers’ Business: Manufacturers have been increasingly under fire from cybercrime groups


Taiwan – D-Link 


Exploit: Hacking

D-Link: Network Hardware Manufacturer

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.716 = Moderate

D-Link, a leading manufacturer of routers, has experienced a data breach. The company claims that the data was not from the cloud but likely originated from an old D-View 6 system. D-Link said that the data was used for registrations in 2015. D-Link was involved in another data breach incident just two weeks ago after bad actors posted samples of the source code for D-Link’s D-View network management software on a dark web forum. 

How it Could Affect Your Customers’ Business: two data breaches in under a month is not a good look for any company.

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.


View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.