The Week in Breach News: 05/11/22 – 05/17/22 | CloudSmart IT

The Week in Breach News: 05/11/22 – 05/17/22

Data security trouble has emerged in government agencies and healthcare organizations around the U.S., and nation-state-related cyberattacks keep popping up in Europe.

 



Omnicell

https://www.securityweek.com/healthcare-technology-provider-omnicell-discloses-ransomware-attack 

Exploit: Ransomware

Omnicell: Healthcare Technology

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.944 = Severe

Omnicell revealed that its internal systems were impacted by a ransomware attack on May 4, 2022, in an SEC filing. The company further explained that it expected the attack to have an impact on some of its products and services, but it did not specify which ones. Omnicell says that it is in the early stage of an investigation, but the attack has been contained and appropriate authorities have been informed.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Everything in the healthcare sector has been under siege since the start of the global pandemic and pressure isn’t easing up.

 


Texas Department of Insurance (TDI)

https://www.texastribune.org/2022/05/16/texas-insurance-data-breach/

Exploit: Misconfiguration

Texas Department of Insurance (TDI): Regional Government Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.804 = Severe

A routine audit discovered that a misconfigured server at the Texas Department of Insurance has been leaking information for three years. The report disclosed that the personal information of an estimated 1.8 million Texas workers who have filed compensation claims between March 2019 and January 2022 has been exposed. TDI says that the problem has been corrected and that its investigation found no evidence that the information had been stolen or used unlawfully.   

cybersecurity news represented by agauge showing severe risk

Risk to Individual: 1.923 = Severe

The personal information of 1.8 million workers who have filed compensation claims in Texas was exposed including Social Security numbers, addresses, dates of birth, phone numbers and information about workers’ injuries.  

How It Could Affect Your Customers’ Business Misconfiguration errors are common and just as costly and problematic as many cyberattacks.

 

The Oregon Elections Division

https://www.securityweek.com/hackers-hit-web-hosting-provider-linked-oregon-elections

Exploit: Supply Chain Risk

The Oregon Elections Division: Regional Government Agency

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.702 = Moderate

The Oregon Elections Division has announced that it has informed an estimated 1,100 people that their information may have been exposed in a data breach after the online system where campaign finance records are published was hit by a ransomware attack at its web hosting provider. The Oregon Elections Division said it was informed by C&E systems, a campaign finance firm that its web hosting provider Opus Interactive was the victim of a ransomware attack. Through that incident, C&E’s database was compromised, which includes their client’s log-in credentials for ORESTAR accounts. C7E disputes the number of affected accounts, placing it closer to 300. This attack has no impact on the voting or elections process outside campaign finance.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business:

 


Oklahoma City Indian Clinic (OKCIC)

https://www.infosecurity-magazine.com/news/oklahoma-city-indian-clinic-data/ 

Exploit: Hacking

Oklahoma City Indian Clinic (OKCIC): Healthcare Provider

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.302 = Severe

Oklahoma City Indian Clinic (OKCIC) this week announced that it experienced a data breach exposing personally identifiable information (PII) on May 12 when unauthorized parties obtained access to its data and systems. A third-party forensic firm has been brought in to investigate. So far, the investigation has confirmed that an unauthorized party accessed and may have retained sensitive customer information. 

cybersecurity news represented by agauge showing severe risk

Risk to Individual: 2.327 = Severe

At present, 38,239 individuals are reportedly impacted by the breach. The compromised files include a patient’s name, date of birth, treatment information, prescription information, medical records, physician information, health insurance policy numbers, phone numbers, Tribal ID numbers, Social Security numbers and driver’s license numbers. 

How it Could Affect Your Customers’ Business: Government and quasi-governmental agencies have been popular targets for cybercriminals looking for big stores of data. 

 


Illinois Gastroenterology Group (IGG)

https://www.illinoisgastro.com/articles/notice-of-security-incident 

Exploit: Hacking

Illinois Gastroenterology Group (IGG): Healthcare Provider 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.917 = Severe

Illinois Gastroenterology Group (IGG) announced that it has experienced a data security problem that potentially impacted 227,943 individuals. IGG disclosed that it had discovered unusual network activity on October 22, 2021, and that it believed that information may have been stolen. IGG also said it had no evidence of related identity theft or fraud.

cybersecurity news represented by agauge showing severe risk

Risk to Individual: 1.929 = Severe

The stolen data includes patient names, birth dates, Social Security numbers, driver’s license numbers, passport information, financial account information, addresses, payment card information, biometric data, employer-assigned identification numbers and medical information.

How it Could Affect Your Customers’ Business This type of incident is expensive in more ways than one and will spin out into a long, draining regulatory nightmare. 

 



Top Aces 

https://therecord.media/top-aces-ransomware-attack-lockbit/ 

Exploit: Ransomware

Top Aces: Flight Training Company

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.733-Severe

Montreal-based company Top Aces, a provider of fighter jets for airborne training exercises, has been hit with a ransomware attack by the LockBit group. The company says that it is the exclusive adversary air provider to the Canadian and German armed forces. LockBit says it stole 44 GB of data and has given Top Aces a deadline of May 15 to pay them and avoid publication of the stolen data. No ransom amount is available.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Defense industry contractors and military-adjacent service providers are tempting targets for cybercriminals looking for back doors.

 



Italy – Senato della Repubblica (Senate of the Republic)

https://www.reuters.com/world/europe/pro-russian-hackers-target-italy-defence-ministry-senate-websites-ansa-news-2022-05-11/

Exploit: Nation-State

Senato della Repubblica (Senate of the Republic) – Governing Body 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.096 = Severe

Pro-Russian hacking group Killnet has claimed responsibility for a cyberattack that briefly interrupted business in Italy’s Senate. The group also targeted the National Health Institute (ISS) and the Automobile Club d’Italia. A tweet by the Speaker of the Senate disclosed that there was no significant damage in the Senate attack.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Unexpected nation-state danger is always just around the corner for government agencies, legislative bodies and government-related entities.

 


Russia – SOCAR Energoresource

https://securityaffairs.co/wordpress/131264/hacktivism/anonymous-oprussia-updates.html 

Exploit: Nation-State (Hacktivism)

SOCAR Energoresource: Oil Company

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.776 = Moderate

SOCAR Energoresource, a company partially owned by the State Oil Company of Azerbaijan Republic (SOCAR), has been hit in a cyberattack by the Anonymous Collective. The company operates the Antipinsky Refinery and several oilfields in Russia. The hacktivist group released a 130 GB archive via DDoSecrets that contains nearly 116,500 emails. Other Russian organizations also felt the sting of an attack by Anonymous in the last week or so including the Polar Branch of the Russian Federal Research Institute of Fisheries and Oceanography, the Achinsk City Government and the Port and Railway Projects Service of JSC UMMC.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Hacktivism isn’t only a factor in nation-state cybercrime and could impact all kinds of businesses and institutions.

 



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.