The Week in Breach News: 10/13/21 – 10/19/21 | CloudSmart IT


Ransomware rocks Ecuador’s largest bank, a malicious insider strikes at a US healthcare organization, everyone in Argentina had their identity stolen and a look at a diabolical ransomware attack that’s in fashion right now.

 



Olympus Corporation of the Americas

https://www.bleepingcomputer.com/news/security/olympus-us-systems-hit-by-cyberattack-over-the-weekend/

Exploit: Ransomware

Olympus Corporation of the Americas: Medical Technology Manufacturer 


Risk to Business: 2.122 = Severe

Olympus was forced to take down IT systems in the U.S., Canada, and Latin America following a cyberattack that hit its network Sunday. The medical equipment manufacturer says that it does not believe that any data was stolen. Olympus also said that the incident was contained to the Americas with no known impact to other regions. Just last month, Olympus suffered another ransomware attack on its EMEA region systems.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Many ransomware gangs aren’t bothering to steal data anymore, opting to lock down networks and production lines to force a speedy ransom payment.


Premier Patient Healthcare

https://www.govinfosecurity.com/former-executive-accessed-phi-nearly-38000-individuals-a-17724

Exploit: Malicious Insider

Premier Patient Healthcare: Medical Clinic Chain 

Risk to Business: 1.712 = Severe

Texas-based accountable care organization Premier Patient Healthcare filed a statement this week detailing a malicious insider incident that caused the exposure of PII for over 37,000 patients from around the country. According to the report, a terminated executive had retained credentials that enabled them to access and obtain an unspecified amount of PHI. No further details were included and a HIPAA filing has not yet appeared. When the breach first came to light, the company’s early statements pointed to a fault at a vendor, which turned out not to be the case.

Individual Risk: 1.712 = Severe

The patient records that were accessed included name, age, sex, race, county and state of residence, and zip code, as well as Medicare beneficiary information, such as Medicare eligibility period, spend information, and hierarchical condition category risk score for an unspecified number of patients.

Customers Impacted: 8.5 million

How It Could Affect Your Customers’ Business: This incident isn’t just a double helping of embarrassment for Premier Patient Healthcare; it’s also going to be a financial nightmare after regulators get finished with them.



Ecuador – Banco Pichincha

https://www.bleepingcomputer.com/news/security/cyberattack-shuts-down-ecuadors-largest-bank-banco-pichincha/

Exploit: Ransomware

Banco Pichincha: Banking & Financial Services

Risk to Business: 1.412 = Extreme

Ecuador’s largest private bank Banco Pichincha has suffered a suspected ransomware attack that has resulted in some systems being knocked offline for days. Many services of the bank were disrupted, including online banking, its mobile app and ATM network. The bank is working with national authorities at the Superintendency of Banks to investigate the incident. In an internal notification sent to the Bank’s agencies and seen by BleepingComputer, employees are notified that bank applications, email, digital channels, and self-services will not be operational for an unspecified amount of time due to a technology issue, limiting many bank services to in-person transactions. Some ATM services have been restored. The incident is ongoing.    

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Attacks on the banking and fintech sectors have been growing, creating complications for every financial services organization.


Argentina – Registro Nacional de las Personas (RENAPER)/National Registry of Persons 

https://therecord.media/hacker-steals-government-id-database-for-argentinas-entire-population/

Exploit: Hacking

Registro Nacional de las Personas (RENAPER): National Identity Database 

Risk to Business: 1.232 = Extreme

Hackers have broken into the Argentina Interior Ministry’s IT network and stolen a massive amount of data from Registro Nacional de las Personas (RENAPER)/National Registry of Persons. That extremely sensitive database contains ID card details for the country’s entire population. The leak was announced when a Twitter user posted ID card photos and personal details for 44 Argentinian celebrities including the country’s president Alberto Fernández and soccer superstars Lionel Messi and Sergio Aguero. While the Argentine government admits to the hack, they maintain that no data was stolen. However, cybersecurity experts and journalists were able to contact the threat actors through a dark web posting and confirm the authenticity of the database. The hackers appear to have gained access through a compromised VPN.

Risk to Business: 1.222 = Extreme

According to a sample provided by the hacker online, the information they have access to right now includes full names, home addresses, birth dates, gender info, ID card issuance and expiration dates, labor identification codes, Trámite numbers, citizen numbers, and government photo IDs.

Customers Impacted: The population of Argentina is 45 million

How It Could Affect Your Customers’ Business: A strong security culture helps reduce the likelihood of an incident caused by employee carelessness, as this one reportedly was.


Brazil – Hariexpress

https://www.infosecurity-magazine.com/news/ecommerce-player-leaks-billion/

Exploit: Misconfiguration

Hariexpress: e-Commerce Firm


Risk to Business: 1.616 = Severe

Brazilian e-commerce firm Hariexpress is in hot water after it exposed an estimated 1.8 billion client and seller records. The problem appears to have originated with a misconfigured Elasticsearch server, according to researchers. The server was left unencrypted with no password protection in place, exposing 610GB of data, and that data may have been exposed for several months.


Individual Risk: 1.616 = Severe

Exposed customer data included full names, home and delivery addresses, phone numbers and billing details. Also exposed were sellers’ full names, email and business/home addresses, phone numbers and business/tax IDs (CNPJ/CPF).  

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Human error will always be a company’s biggest cyberattack risk. It pays to make sure that everyone feels like they’re responsible for security to avoid messes like this.



Spain – Meliá Hotels International 

https://therecord.media/cyberattack-hits-melia-one-of-the-largest-hotel-chains-in-the-world/

Exploit: Ransomware 

Meliá Hotels International: Hotel Chain 


Risk to Business: 1.615 = Severe

Meliá Hotels International, one of the largest hotel chains in the world, has fallen victim to a suspected ransomware attack. Attackers took down parts of the hotel chain’s internal network and some web-based servers, including its reservation system and public websites. An investigation is underway. No ransomware gang has yet claimed responsibility.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Ransomware is always expensive. Even without the extortion demand, it can cause massive losses simply from business interruption.



Taiwan – Acer 

https://www.bleepingcomputer.com/news/security/acer-confirms-breach-of-after-sales-service-systems-in-india/

Exploit: Hacking

Acer: Computer Manufacturer 


Risk to Business: 1.631 = Severe

Acer has been beleaguered by cyberattacks in 2021. In its second time at the dance this year, Acer’s India after-sales service has suffered a data breach. A threat actor has already claimed the attack on a popular hacker forum, saying that they stole more than 60GB of files and databases from Acer’s servers. The stolen data includes client, corporate, and financial data and login details belonging to Acer retailers and distributors from India. The threat actor posted a video to a dark web forum showcasing the stolen files and databases, including the records of 10,000 customers and stolen credentials for 3,000 Indian Acer distributors and retailers.

 

Individual Impact: No information about the nature of the exposed customer data was available at press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Companies that store large amounts of data are hacker catnip. The data that attackers can steal will not only reap a big profit but also open other cybercrime doors.



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
