Which new Ransomware group is making waves? | CloudSmart IT

Which new Ransomware group is making waves?

A new ransomware group makes a splash, plus more supply chain security problems.



OneTouchPoint 

https://www.securityweek.com/onetouchpoint-discloses-data-breach-impacting-over-30-healthcare-firms

Exploit: Ransomware

OneTouchPoint: Business Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.772 = Severe

OneTouchPoint, a provider of mailing and printing services, fell victim to a ransomware attack that has resulted in the compromise of personally identifiable information (PII) stored on its system. The company discovered encrypted files on some of its systems on April 28. It was later determined that the attackers had accessed its network on April 27 determined that the compromised systems contained PII provided by its customers. 

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.335 = Severe

 Exposed information includes names, addresses, birth dates, date of service, description of service, diagnosis codes, information provided as part of a health assessment and member ID. OneTouchPoint lists 34 healthcare insurance carriers and healthcare services providers that have been impacted, but the number appears to be larger. 

How It Could Affect Your Customers’ Business: This is going to end up costing this company a fortune in both incident costs and regulatory penalties.

 


NetStandard 

https://www.bleepingcomputer.com/news/security/kansas-msp-shuts-down-cloud-services-to-fend-off-cyberattack/

Exploit: Ransomware

NetStandard: MSP 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.672 = Severe

Kansas-based managed service provider NetStandard suffered a cyberattack that resulted in the company pressing pause on its MyAppsAnywhere cloud services, consisting of hosted Dynamics GP, Exchange, Sharepoint and CRM services. The MSP detected signs of a cyberattack last Tuesday morning and quickly shut down cloud services to prevent the attack’s spread. The company announced that only the MyAppsAnywhere services are affected, but news outlets report that the attack may have had a broader impact, with the company’s main site shut down as well.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business MSPs have been squarely in cybercriminals’ sights as they concentrate firepower on the supply chain.


WordFly

https://www.theregister.com/2022/07/26/wordfly_ransomware_attack/

Exploit: Ransomware

WordFly: Business Services

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.773 = Moderate

Email list provider WordFly has been the victim of a ransomware attack. WordFly’s main website is unavailable and has been offline for the past two weeks. The company says that they discovered the problem on July 10. WordFly said that they believe that customer data was accessed but they didn’t specify the nature of that data. The Smithsonian Museums, Canada’s Toronto Symphony Orchestra and the Courtauld Institute of Art in London are among the company’s clientele.   

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Ransomware attacks on service providers in the supply chain are an ongoing problem that won’t be going away anytime soon.

 


DuPage Medical Group

https://www.fiercehealthcare.com/hospitals/dupage-medical-group-to-notify-patients-personal-information-may-have-been-breached

Exploit: Hacking

DuPage Medical Group: Healthcare Organization 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.619 = Severe

Illinois-based DuPage Medical Group, an organization with more than 700 doctors in 100 locations, has been the victim of a cyberattack that exposed patient data. The incident occurred between July 12-13 and caused a network outage. An investigation determined that bad actors had likely accessed patient data. The medical group is notifying 600,000 patients that their personal information may have been compromised.  

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.619 = Severe

Illinois-based DuPage Medical Group, an organization with more than 700 doctors in 100 locations, has been the victim of a cyberattack that exposed patient data. The incident occurred between July 12-13 and caused a network outage. An investigation determined that bad actors had likely accessed patient data. The medical group is notifying 600,000 patients that their personal information may have been compromised.  

How it Could Affect Your Customers’ Business: Healthcare is the industry with the highest data breach cost, and its’ been beleaguered by ransomware.

 



United Kingdom – Wooton Academy Trust

https://www.infosecurity-magazine.com/news/ransomware-group-500000-school/

Exploit: Ransomware

Wooton Academy Trust: School Operator

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.304 = Severe

The Hive ransomware group is claiming responsibility for a ransomware attack against the Wooton Academy Trust, operators of Wooton Secondary School and the Kimberley college for 16-19-year-olds. The gang is demanding a $500,000 ransom, the amount it claims the school has available in cyber insurance. In an unusual twist, the gang allegedly messaged students and parents, informing them that they had stolen the students’ home addresses, bank details, medical records and even psychological reviews. The school says that the incident has affected scheduling for next year, along with the production of some grade sheets. It hopes to retrieve lost data from backups in order to resume normal operations within 10 days.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Cybercriminals have been going after schools consistently for the last few years as virtual learning pens up profit opportunities for them.


United Kingdom – Bromford Housing Association

https://www.gloucestershirelive.co.uk/news/property/bromford-housing-association-shuts-down-7396811

Exploit: Hacking

Bromford Housing Association: Housing Assistance Organization

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.929 = Severe

Bromford Housing Association, a housing program with tenants across Gloucestershire, has been the victim of a cyberattack. Bromford manages 40,000 homes across central and southwest England, providing services for around 90,000 people. The company says it was forced to shut down its technology systems including communications, appointments and online payments. Clients are limited to service and payments by phone. There’s been no word on what if any data was stolen.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Service disruptions from cyberattacks can cost companies big in both productivity and reputation.

 


France – MDBA

https://securityaffairs.co/wordpress/133881/data-breach/mbda-alleged-data-breach.html 

Exploit: Hacking

MDBA: Defense Contractor

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.017 = Severe

A new cybercrime group claims that it has snatched data from European missile developer and manufacturer MDBA. The bad actors call themselves Adrastea and claim to have obtained 60GB of confidential data by exploiting vulnerabilities in the company’s network. Adrastea claims to have taken information about the company’s projects, OT, defense systems the company has worked on, and other sensitive data about military matters.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Cybercriminals are hungry for OT information and similar proprietary data, especially of this sensitive nature.

 


Italy – Italian Revenue Agency (Agenzia delle Entrate)

https://securityaffairs.co/wordpress/133640/cyber-crime/lockbit-ransomware-italian-revenue-agency.html

Exploit: Ransomware

Italian Revenue Agency (Agenzia delle Entrate): Government Agency 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.017 = Severe

A ransomware attack has hit the town of St Mary’s in Ontario, locking staff out of internal systems and encrypted data. The ransomware group LockBit has claimed responsibility. The cybercriminals uploaded a sample to their leak site containing directories corresponding to municipal operations like finance, health and safety, sewage treatment, property files, and public works. Town officials were quick to reassure citizens that essential municipal services like transit and water systems haven’t been impacted. No word on any ransom demand or if the municipality plans to pay. LockBit is also responsible for another attack on a small town this week, hitting Frederick, Colorado on July 14. The group is demanding $200,000 not to publish the data snatched from Frederick, CO. 

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business The bad guys know they have a higher chance of getting paid thanks to the time-sensitive nature of government services, making them prime targets.

 



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.