Week In Breach

This week we’re exploring why Cox TV & radio stations went dark because of cybercrime, how third-party danger ensnared New South Wales Health, what happened when nation-state cybercriminals visited New York and how you can notch quick wins by using specialized location and industry data to sell security.



United States iConstituent

https://www.nbcnews.com/politics/congress/house-communications-vendor-compromised-ransomware-attack-n1269934

Exploit: Ransomware

IConstituent: Communications Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.655= Severe

A major service provider to members of the US House of Representatives is recovering from a ransomware incident that has left Members scrambling. iConstituent provides constituent communications services for House offices including facilitating Member emails and newsletters. The House Chief Administrative Officer (CAO) is coordinating a response with iConstituent, and the CAO has announced that no other House data or systems have been compromised.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Ransomware against service providers has been a hot profit center for cybercriminals and they’re not letting up on potentially vulnerable targets.

ID Agent to the Rescue: Third-party and supply chain risks are growing exponentially. Learn strategies to fight back in our eBook Breaking Up with Third Party and Supply Chain RiskDOWNLOAD IT>>


United States – Cox Media Group

https://therecord.media/live-streams-go-down-across-cox-radio-tv-stations-in-apparent-ransomware-attack/

Exploit: Ransomware

Cox Media Group: TV & Radio Station Operator

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.227= Extreme

A number of TV and radio stations around the US went dark briefly after a suspected ransomware attack on parent company Cox Media Group. Stations impacted included News9, WSOC, WSB, WPXI, KOKI, and almost all Cox radio stations. The Cox Media Group owns 57 radio and TV stations across 20 US markets. Internal networks and live streaming capabilities for other Cox media properties, such as web streams and mobile apps, were also impacted in the June 35r event. Service was quickly restored and the event is under investigation.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Ransomware attacks against strategic targets like this are becoming all too common as ransomware gangs seek to cause maximum buzz for maximum profit.

ID Agent to the Rescue:  Find useful data to inform security decisions including our predictions for the biggest risks of 2021 in The Global Year in Breach 2021READ IT NOW>>


United States – Navistar International Corporation

https://www.reuters.com/technology/us-truck-maker-navistar-says-aware-it-breach-2021-06-07/

Exploit: Ransomware

Navistar International Corporation: Specialty Vehicle Manufacturer

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.812= Moderate

Truck manufacturer Navistar International has notified the Securities and Exchange Commission (SEC) that they’ve fallen prey to a ransomware attack. Navistar makes trucks, buses and diesel engines, while its Navistar Defense subsidiary produces several US military vehicles. The company confirmed that there was data exfiltration in the suspected ransomware attack, but no details have been made available regarding the nature of that data.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.

ID Agent to the Rescue:  Secure your data and systems against today’s nastiest threat with Ransomware 101, our most popular eBook, to guide you through how to secure your clients effectively. READ IT>>


United States – New York Metropolitan Transit Authority (M.T.A.)

https://www.nytimes.com/2021/06/02/nyregion/mta-cyber-attack.html

Exploit: Nation-State hacking

New York Metropolitan Transit Authority (M.T.A.): Regional Transport Operator

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.812= Moderate

Officials at NY M.T.A released information that their system had been the target of a cyberattack by a hacking group believed to have links to the Chinese government. According to the report, nation-state actors penetrated the Metropolitan Transportation Authority’s computer systems in April. The investigation has concluded and NY M.T.A. was able to confirm that no sensitive data or rider data was impacted.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.

ID Agent to the Rescue:  Secure your data and systems against today’s nastiest threat with Ransomware 101, our most popular eBook, to guide you through how to secure your clients effectively. READ IT>>


United States – LineStar Integrity Services

https://www.wired.com/story/linestar-pipeline-ransomware-leak/

Exploit: Ransomware

LineStar Integrity Services: Pipeline Technology Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.522= Severe

Cybersecurity researchers discovered that pipeline technology provider LineStar Integrity was hit in a ransomware incident at approximately the same time as Colonial Pipeline resulting in 70+GB of company data finding a new home on the dark web. LineStar Integrity Services sells auditing, compliance, maintenance, and technology services to pipeline customers and is based in Houston, TX.

Individual Impact: No sensitive personal or financial information has been confirmed as compromised in this incident although some sources are reporting that human resources data is in the mix.

Customers Impacted: Unknown

Use our Cybersecurity Risk Protection Checklist to find vulnerabilities before the bad guys do! GET IT>>



United Kingdom – Furniture Village

https://www.theregister.com/2021/06/04/furniture_village_confirms_cyberattack/

Exploit: Hacking

Furniture Village: Home Goods Retailer

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.115 = Extreme

UK home goods giant Furniture Village has confirmed that it has been suffering the impact of an unnamed cyberattack. For the past week, the company’s internal systems, as well as some customer-facing systems, have been experiencing outages. The company stated that no data appears to have been stolen. Impacted systems include included delivery systems, phone systems, and payment mechanisms.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Attacks on older systems are often easy money for cybercriminals looking for data to sell with a low overhead and fast turnaround time.

 



Australia – New South Wales Health (NSW Health)

https://www.zdnet.com/article/nsw-health-confirms-data-breached-due-to-accellion-vulnerability/

Exploit: Third-Party Data Breach

New South Wales Health (NSW Health): Regional Healthcare Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.616 = Severe

New South Wales Health has confirmed that it is the latest organization impacted by the major cyberattack on the file transfer system owned by medical data services provider Accellion last month. The state entity said that no medical records maintained in public hospitals were affected. The agency has begun notifying people whose data may have been accessed. NSW Health has upgraded its technology to avoid future problems.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.616 = Severe

New South Wales Health disclosed that identity information and health-related personal information were exposed for some patients. The agency is in the process of contacting people who have been impacted.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Attacks on major data processors like this puts many businesses at risk. Cybercriminals are hungry for saleable information and these places are treasure troves.



Japan – Fulifilm

https://www.bleepingcomputer.com/news/security/fujifilm-confirms-ransomware-attack-disrupted-business-operations/

Exploit: Ransomware

Fujifilm: Film & Photo Technology Developer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.922 = Severe

Legendary Japanese film technology company Fujifilm announced that it has been the victim of a ransomware attack that has impacted its operations. The purported ransomware attack led to a network outage that impacted access to email for employees, billings system and a problem reporting system. Experts believe that this attack was carried out with REvil technology. Investigation and recovery have begun and many systems have been fully restored.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Business disruptions from ransomware attacks can be costly even if no business or customer data is stolen, and extra costs for recovery can add up.

 


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.




What’s So Special About Zero Trust? Find Out Now!

Everyone’s talking about the benefits of adopting a zero-trust security strategy in today’s volatile cybercrime landscape. How can you capitalize on this opportunity? In this webinar, Amelia Paro of ID Agent and Danny Jenkins of ThreatLocker give you an introduction to zero trust security and show you how to capitalize on the trend. You’ll learn:

  • Why zero trust is the big buzzword right now
  • The advantages that zero trust brings to the table
  • How to use this concept to secure your clients effectively

Listen to the webinar “Zero Trust Exposed” now>>