Week in Breach
This Week in Breach News:
Multiple healthcare targets receive an unwelcome diagnosis of ransomware, start your journey on the road to cyber resilience with our newest eBook, and learn more about why data breach danger is ratcheting up for every business and how you can better secure your customers from the onslaught.
The Week in Breach News – United States
United States – Lake Regional Healthcare
Exploit: Ransomware
Lake Regional Healthcare: Hospital System
Risk to Business: 1.919 = Severe
A ransomware attack at this Minnesota healthcare system on December 30 led to impacts in patient care as the hospital was forced to adopt downtime procedures. Most impacted systems have been restored and the incident is under investigation.
Individual Risk: No personal or consumer information was reported as impacted in this incident at this time but the incident is still under investigation.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is an increasingly popular option for cybercriminals looking to disrupt operations to score a quick payday from a much-needed service provider or manufacturer.
ID Agent to the Rescue: Ransomware risks are growing every day in every industry. Get your business ready to fight back against ransomware threats with our eBook “Ransomware 101”. GET THE BOOK>>
United States – OmniTRAX
https://www.freightwaves.com/news/ransomware-attack-hits-short-line-rail-operator-omnitrax
Exploit: Ransomware
OmniTRAX: Short Line Railway
Risk to Business: 2.172 = Severe
Conti ransomware is to blame for a major information theft at OmniTRAX and parent company Broe Group. Although rail and freight operations were not disrupted, proprietary data was stolen. The 70 gigabytes of leaked files presented by the gang include internal OmniTRAX documents and clearly showed that data came from the contents of individual employee work computers. It was not clear if it included data pertaining to OmniTRAX’s rail operations or its customers.
Individual Risk: No personal or consumer information was reported as impacted in this incident at this time but the incident is still under investigation.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Just one stolen or cracked password can wreak havoc on a company and its subsidiaries, leading to extensive (and expensive) recovery operations.
ID Agent to the Rescue: Make sure that just a stolen password won’t open your door with secure identity and access management using Passly that seamlessly integrates with more than 1k apps. SCHEDULE A DEMO>>
United States – Apex Laboratory
Exploit: Ransomware
Apex Laboratories: Consumer Medical Testing
Risk to Business: 1.783 = Severe
Apex Laboratories definitely got a result that they weren’t expecting when DoppelPaymer ransomware popped up on December 15, snatching a large quantity of data. The attack resulted in the exfiltration of thousands of documents containing both protected health information of patients and personally identifiable information of Apex employees.
Individual Risk: 2.166 = Severe
The data impacted is estimated to include patient names, dates of birth, test results, and some Social Security and phone numbers. The company is notifying affected patients. Apex employees and clients should be cautious about potential spear phishing email using this information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware has been an especially pernicious menace to healthcare targets throughout the pandemic, and that’s not slowing down.
ID Agent to the Rescue: Ransomware is almost always the cargo of a poisonous phishing email. BullPhish ID helps companies enlist every staffer in the fight against ransomware. SEE BULLPHISH ID IN ACTION>>
The Week in Breach News – Canada
Canada – Aurora Cannabis
Exploit: Unauthorized Access
Aurora Cannabis: Marijuana Dispensary Chain
Risk to Business: 1.664 = Severe
An email sent to an ex-employee of Aurora Cannabis uncovered a data breach affecting the personally identifiable information of the company’s current and past employees. It appears that the data was captured after unauthorized parties accessed the company’s SharePoint and OneDrive. The incident is still being untangled, as conflicting reports crop up about what information was stolen.
Individual Risk: 2.580 = Severe
The actual details about the stolen data are unclear but are reported to include employee and former employee PII, credit card information, government identification, home addresses and banking details.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: It’s not all ransomware these days – good old-fashioned hacking is still a risk that every business faces. When information like this makes its way to the Dark Web, it makes hackers’ jobs easier.
ID Agent to the Rescue: Are your company credentials just waiting to be found in Dark Web data markets? Find out before cybercriminals do with 24/7/365 Dark Web monitoring. SEE DARK WEB ID IN ACTION>>
Canada – Communauto
https://montrealgazette.com/news/local-news/communauto-hit-by-cyber-attack
Exploit: Ransomware
Communauto: Car Sharing Service
Risk to Business: 1.918 = Severe
A ransomware attack brought many of Communauto’s business side activities to a halt, causing delays in the management of accounts payable and invoicing. Proprietary data and some client PII was stolen, but no user credit card data was impacted. The company elected to pay the ransom and announced that the gang had agreed to destroy the information.
Risk to Business: 2.033 = Severe
The personal information of some of its clients, including member numbers, names, email addresses, street addresses and account identifying details was compromised. Clients of Communauto should be wary of possible spear phishing attempts.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware threats have grown as the economy has contracted, leaving ransomware gangs to look farther afield for targets. They’re aided and abetted by huge lists of passwords that give hackers what they need to find and exploit security weaknesses to slip malware into systems.
ID Agent to the Rescue: How good are your passwords? Take a deep dive into the complexities of creating strong passwords and how you can make stronger passwords to foil hackers with our fresh Build Better Passwords eBook. GET THE BOOK>>
United States – Dassault Falcon Jet
https://securityaffairs.co/wordpress/113216/data-breach/dassault-falcon-data-breach.html
Exploit: Ransomware
Dassault Falcon Jet: Aviation Manufacturing
Risk to Business: 2.127 = Severe
Dassault Falcon Jet, a division of French conglomerate Dassault Aviation, was hit by the Ragnar Locker ransomware gang, resulting in extensive data theft. Bad actors made off with employee information, but no proprietary data theft was reported in the incident.
Individual Risk: 1.702 = Severe
Extensive PII was exposed for current and former employees and their families including names, personal and company email address, personal mailing address, employee ID number, driver’s license number, passport information, financial account number, Social Security number, date of birth, work location, compensation and benefit enrollment information, and date of employment.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is no joke, and it has been increasingly pointed at manufacturing targets to both steal data and impact production, especially dangerous when a company manufactures assets like planes.
ID Agent to the Rescue: Improve phishing resistance training with BullPhish ID to improve any company’s defense against ransomware. SEE BULLPHISH ID AT WORK>>
The Week in Breach News – United Kingdom & European Union
United Kingdom – Amey Plc
https://www.constructionnews.co.uk/contractors/amey/amey-hit-by-cyber-attack-05-01-2021/
Exploit: Ransomware
Amey Plc: Infrastructure Builder
Risk to Business: 1.631 = Severe
Venerable construction company Amey was hit by a ransomware attack in late December, attributed to the Mount Locker ransomware gang. The gang has begun leaking a trove of documents including contracts, bank statements and loan records, confidential partnership agreements, NDAs, correspondence between Amey and UK government departments and councils, and technical blueprints
Individual Risk: 2.221 = Severe
Employee data impacted in this breach includes scans of passports, driving licenses, and identity documents of company employees and directors, financial reports, employment records (new hire offers and resignation letters) and meeting notes.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: It only takes one ransomware attack to blow up your budget for the year, and it’s still early! Don’t leave anything to chance – put as much protection as you can in place to repel ransomware attacks.
ID Agent to the Rescue: Are your customers waffling about whether or not they really need security upgrades? Let us help you seal the deal to get them the protection they need with Goal Assist. LEARN MORE>>
The Week in Breach News – Australia & New Zealand
New Zealand – The Reserve Bank of New Zealand
https://www.dw.com/en/new-zealand-central-bank-hit-by-cyberattack/a-56184575
Exploit: Ransomware
The Reserve Bank of New Zealand: Central Government Bank
Risk to Business: 1.827 = Severe
The Reserve Bank of New Zealand (RBNZ) announced that it has experienced a data breach as a result of an unauthorized access incident at a third-party file-sharing service used by the bank to share and store some sensitive information. The nature and extent of information that has been potentially accessed is still being determined
Individual Impact: There is no confirmed information about the nature of this stolen data, but it may include some commercially and personally sensitive information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is a favored weapon for both run-of-the-mill cybercriminals and nation-state hackers – and no organization is too big or too small to fall victim to ransomware.
ID Agent to the Rescue: Every business is at risk of ransomware via phishing. Phishing resistance training works, but only if you refresh it at least quarterly. Fortunately, BullPhish ID gives you plenty of options for fresh training material. LEARN MORE>>
Australia – Health and Community Services Union Tasmania
Exploit: Unsecured Database
Health and Community Services Union Tasmania: Regional Health Department
Risk to Business: 2.772 = Severe
A massive data exposure was uncovered at Tasmania’s Health department, leading to the exposure of some extremely sensitive information. Reports have surfaced that any person who called the State’s ambulance service starting in November 2020 have had their personal details posted publicly online. The data leak has since been addressed and is under investigation.
Individual Risk: 1.811 = Severe
Reports say that over 26,000 pages of pager messages about patients between the ambulance service, dispatchers and healthcare personnel have been published including patients’ condition, personal details, addresses, HIV status, gender and age.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Security lapses like this aren’t just regrettable, they’re preventable. Failure to make sure that sensitive information is actually secure doesn’t speak well to any organization’s commitment to security.