The Week in Breach: 03/24/21-03/30/21 | CloudSmart IT

The Week in Breach: 03/24/21-03/30/21

 
 

This Week in Breach News:

Hobby Lobby’s mistakes pack a high cost, Australia’s Channel 9 News gets knocked off the air by a cyberattack, production at Sierra Wireless gets held up by ransomware, and a look at what the FBI IC3 report means for your business.


United States – Hobby Lobby

https://threatpost.com/hobby-lobby-customer-data-cloud-misconfiguration/164980/

Exploit: Misconfiguration

Hobby Lobby: Craft Supply Retailer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.662= Severe

Hobby Lobby made a blunder that was discovered this week. Researchers came across an Amazon Web Services (AWS) cloud database belonging to the controversial retailer that was misconfigured to be publicly accessible exposing 138GB of sensitive information.

cybersecurity news represented by agauge showing severe risk

Individual Risk : 1.707 = Severe

Exposed data includes customer names, partial payment card details, phone numbers, physical and email addresses along with source code for the company’s app, and employee names and email addresses. This information can be used for spear phishing and identity theft.

Customers Impacted: 300,000

How It Could Affect Your Customers’ Business: Making simple, avoidable blunders like this doesn’t fill your customers with confidence that you’re taking information privacy seriously.


United States – CNA Financial

https://www.bleepingcomputer.com/news/security/cna-insurance-firm-hit-by-a-cyberattack-operations-impacted/

Exploit: Ransomware

CNA Financial: Insurer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.627 = Severe

Major insurer CNA Financial has disclosed that it was the victim of a purported ransomware attack this week, causing significant network disruption. The company’s email systems have been offline and the underwriting and claims units have been stymied, likely due to systems becoming unavailable. CNA said that they were disconnecting systems for safety and working to restore operations.

Individual Impact: No sensitive personal or financial information was announced as impacted in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Ransomware is the cause of many expensive disasters and they don’t all involve data. Cybercriminals can also hold your business operations hostage.


United States – California State Controller

https://krebsonsecurity.com/2021/03/phish-leads-to-breach-at-calif-state-controller/

Exploit: Phishing

California State Controller: State Government Agency 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.412 = Severe

A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO). The agency announced that attackers had access to the email records of an employee in its Unclaimed Property Division after the employee clicked a phishing link and then entered their email ID and password.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.309 = Severe

The breach may have led to the exposure of personal and financial data for thousands of state employees. There is also evidence that the account was used to conduct business email compromise scams.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Something as simple as one mishandled email can wreak havoc on your business. No matter how busy you are, training has to be a priority to avoid this consequence.


United States – PDI Group

https://therecord.media/ransomware-gang-leaks-data-from-us-military-contractor-the-pdi-group/ 

Exploit: Ransomware

PDI Group: Defense Contractor 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.412 = Severe

US military contractor PDI Group has experienced a ransomware attack, with Babuk Locker claiming responsibility. the gang says that they have 700 GB of data they claim to have stolen from PDI’s internal network and they have made ransom demands after posting a sample to their site. PDI Group manufactures specialty trailers, dollies and other transport tools for multiple military applications.

Individual Impact: No sensitive personal or financial information was announced as impacted in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Failing to protect the secrets of your success like blueprints and formulas is a fast path to trouble when your competitors can download them from dark web sources.


Canada – Sierra Wireless

https://therecord.media/production-halted-at-sierra-wireless-factories-following-ransomware-attack/

Exploit: Ransomware

Sierra Wireless: Electronics Manufacturing 

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.302 = Extreme

Canadian electronics giant Sierra Wireless has halted production at its manufacturing sites across the world after a ransomware attack crippled its IT systems. The disruption has kept staff from accessing internal documents and systems related to manufacturing and planning. Investigation and remediation are ongoing.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware can cause catastrophic delays in production, crippling factories. Preventing it from hitting systems is just as important as protecting data.


 

United Kingdom – Fat Face

https://www.inforisktoday.com/british-clothing-retailer-fat-face-discloses-data-breach-a-16249

Exploit: Malware

Fat Face: Clothing Retailer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.802 = Severe

Retail boutique Fat Face has disclosed that it experienced a data breach in January. According to the shop a third party accessed data, probably through malware, and obtained some employee and customer information. The incident is still under review.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.802 = Severe

The organization says that some employee and customer information was exposed, including names, addresses, email addresses and the last four digits of credit card numbers, plus the expiration dates. Customers should be alert for fraud attempts.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Failure to keep sensitive data secure is even more costly when your industry or location means you’ll incur regulatory penalties on top of everything else.


United Kingdom – University of Northampton (UON)

https://heimdalsecurity.com/blog/cyber-attack-university-of-northampton/

Exploit: Hacking

University of Northampton (UON): Institution of Higher Learning

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.055 = Severe

Communications and some learning tools were knocked offline at UON after a cyberattack shut down essential systems. No data is reported stolen, and authorities have been informed. Officials say that service is beating slowly but steadily restored.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: LOREM IPSUM

How it Could Affect Your Customers’ Business: It’s no longer acceptable to just survive a cyberattack by shutting down systems Clients expert businesses to keep on trucking no matter what.


The Netherlands – RDC

https://therecord.media/data-for-7-3-million-dutch-car-owners-sold-on-hacking-forum/

Exploit: Hacking

RDC: Maintenance & Garage Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.861 = Severe

The personal and vehicle details of millions of Dutch car owners were posted for sale on a well-known cybercrime forum, snatched from automotive services company RDC. The threat actor behind the forum ad claims to be in possession of an RDC database with 7.3 million entries. 2.3 million of those records also come complete with email addresses and other PII.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.703 = Severe

Both business clients and private car owners were impacted with data including names, home addresses, email addresses, telephone numbers, dates of birth, but also vehicle registration numbers, car makes & models, and license plates exposed.

Customers Impacted: 7.3 million

How it Could Affect Your Customers’ Business: Every time your company does business with another company, your information is at risk and their failure to keep your information safe can come back to haunt you when you least expect it.


Australia – Channel Nine

https://securityaffairs.co/wordpress/116053/breaking-news/channel-nine-cyber-attack.html

Exploit: Hacking

 Channel Nine: Television Network

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.422= Extreme

In an especially audacious attack, hackers disrupted broadcast operations at Channel Nine, preventing the station from transmitting its popular Sunday morning news program, which runs from 7:00 am to 1:00 pm out of studios in Sidney as well as its 5 pm evening news broadcast. The 6 pm broadcast was facilitated by studios in Melbourne. The company acted quickly to restore operations.

Individual Impact: No sensitive personal or financial information was declared as compromised immediately but the investigation is ongoing and more details may emerge.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Hackers are bold and dangerous One security failure can have big consequences for operations, causing delays and dissatisfaction for clients.


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

 

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.




Huge Cybercrime Numbers Provide Food for Thought


The recent release of the FBI’s annual IC3 Internet Crime Report draws attention to the surge in cybercrime that businesses have seen in the last year – more than 80% of businesses reported seeing an increase in cyberattacks in 2020. That means that it’s a smart move to put in a little time to review your cybersecurity suite now and add extra protection against some nasty threats if needed.

2020’s increase in cybercrime was hefty across the board, including an enormous increase in phishing of more than 600%. Phishing is responsible for Internet Crime Complaint Center (IC3)’s top reported scam of 2020: business email compromise. The FBI notched 19,369 business email compromise scams in 2020 with a painful adjusted loss of approximately $1.8 billion.

Ransomware defense should also be high on your priority list. This menace isn’t slowing down, and just one incident can devastate your business. Two in five small or medium businesses were hit with ransomware in 2020. IC3 reports that it received 2,474 complaints identified as ransomware with adjusted losses of over $29.1 million.

The FBI received 791,790 cybercrime complaints in 2020 that resulted in a loss of over $4.2 billion and that’s 300,000 more than 2019. That’s an astounding 69% increase in reported cybercrime – and most cybercrime goes unreported.

Make sure that your business doesn’t end up in next year’s report by taking the time to review your protection and bolster it where you can. If your budget is a limitation, look for multifunctional solutions that can check off many security boxes at once.

Cybercrime is continuing its upward trend in 2021. Take the time to review your security coverage now and make smart updates that protect your business from the rising tide of cybercrime.

Follow us on social media to find out about breach news, new blog posts, product updates, and other important news!

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.