InTegriLogic Blog
The Week in Breach News: 04/03/24 – 04/09/24
This week: A huge data breach at the U.S. Environmental Protection Agency (EPA), Panera Bread gets burned by a major systems outage, and bad actors are unwelcome guests at Omni Hotels.
U.S. Environmental Protection Agency (EPA)
https://www.hackread.com/us-environmental-protection-agency-hacked-data-leaked/
Exploit: Hacking
U.S. Environmental Protection Agency (EPA): Federal Agency
Risk to Business: 1.741 = Extreme
The U.S. Environmental Protection Agency (EPA) has experienced a serious data breach that has exposed multiple types of sensitive data. A hacker group calling itself USDoD told Hackread that it stole personal information from about 8.5 million customers, contacts and contractors, including names, surnames, email addresses, phone numbers, job titles and company names.
How It Could Affect Your Business: This massive data leak will impact people and companies for years to come as cybercriminals capitalize on the stolen data.
Panera Bread
https://www.bleepingcomputer.com/news/security/panera-bread-week-long-it-outage-caused-by-ransomware-attack/
Exploit: Ransomware
Panera Bread: Restaurant Chain
Risk to Business: 1.856 = Extreme
A week-long IT outage at quick service cafe chain Panera Bread has been confirmed as a ransomware attack. The incident began on March 22, 2024, impacting its internal IT systems, phones, point of sales (POS) system, website and mobile app. Stores were left unable to process electronic payments and reward programs were inaccessible. The trouble wasn’t resolved until March 26. The company has not released information about a ransom demand or if any data was stolen, saying the incident is still under investigation.
How It Could Affect Your Business: Losing its POS system is a massive disaster for any retailer or restaurant, leading to lost revenue and driving customers elsewhere.
Omni Hotels & Resorts
https://www.bleepingcomputer.com/news/security/omni-hotels-experiencing-nationwide-it-outage-since-friday/
Exploit: Ransomware
Omni Hotels & Resorts: Hospitality
Risk to Business: 1.721 = Severe
Major hotel chain Omni Hotels & Resorts has disclosed that it has experienced a ransomware attack that took down many of the company’s IT systems. The attack rendered reservation, hotel room door lock, and point-of-sale (POS) systems inoperable. All of Omni’s remained open and accepting new guests during the outage, but front desk employees experienced difficulties with new reservations, credit card payments and modifying already-made reservations. Omni said that it is still investigating and remediating the problem.
How It Could Affect Your Business: It has been a rough few years for the hospitality industry with a spate of disruptive attacks on major hotel, resort and casino chains.
Prudential Insurance
https://therecord.media/prudential-discloses-new-information-from-february-incident
Exploit: Hacking
Prudential Insurance: Insurer
Risk to Business: 1.803 = Severe
Prudential Insurance has disclosed in a filing with Maine officials that it experienced a data breach in February 2024. The company said it detected unauthorized access on February 5. In its subsequent investigation, Prudential discovered that an unauthorized party had gained access to its network on February 4, 2024, and stolen data. The insurer said that 36,545 people had some of their personal data stolen including their names, addresses and driver’s license or ID card numbers. Prudential has brought in a third-party expert to investigate and is working with law enforcement.
How It Could Affect Your Business: A data breach that exposes customers’ personal data can lead to a serious loss of reputation that is hard to repair.
Jackson County, Missouri
https://arstechnica.com/security/2024/04/missouri-county-declares-state-of-emergency-amid-suspected-ransomware-attack/
Exploit: Ransomware
Jackson County, Missouri: Regional Government
Risk to Business: 1.712 = Severe
Jackson County, MI has declared a state of emergency in response to a cyberattack. As a result of the attack, the county’s Assessment, Collection and Recorder of Deeds offices at all county locations are closed until further notice. County systems that are down include tax and online property payments, issuance of marriage licenses and inmate searches. Jackson County Executive Frank White Jr. issued an executive order declaring a state of emergency late last week. The county is working with law enforcement to investigate the attack.
How it Could Affect Your Business: Local governments can be paralyzed by a cyberattack, creating major problems for residents and businesses.
Chile – IxMetro Powerhost
https://www.bleepingcomputer.com/news/security/hosting-firms-vmware-esxi-servers-hit-by-new-sexi-ransomware/
Exploit: Ransomware
IxMetro Powerhost: Data Center and Hosting Provider
Risk to Business: 2.376 = Severe
IxMetro Powerhost, a Chilean company that provides hosting and a data center for companies around the world, has fallen victim to a ransomware attack. The attack was purportedly conducted by the relatively unknown SEXi ransomware group. The cybercriminals said that they encrypted the company’s VMware ESXi servers and backups. The websites or services that IxMetro Powerhost takes care of for its customers were knocked out. IxMetro Powerhost warned customers that it may be unable to restore those functions as its backup servers have also been encrypted.
How it Could Affect Your Business: Cyberattacks on business service providers can open the organizations they serve up to data security and cybersecurity trouble.
UK – CVS Group
https://www.theguardian.com/business/2024/apr/08/vet-group-cvs-personal-information-cyber-attack-hackers
Exploit: Hacking
CVS Group: Veterinary Services Provider
Risk to Business: 1.866 = Moderate
CVS Group, one of the United Kingdom (UK)’s largest providers of veterinary services, has informed regulators that it has experienced a data breach. CVS Group did not specify if the stolen data included employee or customer information, or a mix of both. Veterinary hospitals in the group experienced ongoing technology problems last week. CVS Group is comprised of 500 veterinary hospitals, primarily located in the UK.
How it Could Affect Your Business: A data breach is an expensive proposition for any business from the first stage of the investigation to the final stage of remediation.
UK – Leicester City Council
https://therecord.media/leicester-city-council-ransomware-data-breach
Exploit: Ransomware
Leicester City Council: Local Government
Risk to Business: 2.602 = Moderate
The INC ransomware group has claimed responsibility for an attack on the Leicester City Council. Officials confirmed that a cyber incident was identified on March 7. The group claims to have stolen 3 TB of data. City officials said that in the incident, the cybercriminals snatched 25 highly confidential documents including rent statements, applications to purchase council housing and personal identification documents such as passport information. City officials also said that there may have been additional data stolen. The Leicester City Council is working with Leicestershire Police and the National Cyber Security Centre (NCSC) and has notified the Information Commissioner’s Office of the breach.
How it Could Affect Your Business: Even just a handful of stolen documents can be enough to cause a major problem, especially when they contain sensitive data.
About the author
