"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 01/19/22 – 01/25/22

RR Donnelly

https://www.bleepingcomputer.com/news/security/marketing-giant-rrd-confirms-data-theft-in-conti-ransomware-attack/
Exploit: Ransomware

RR Donnelly: Marketing & Communications Firm


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.227= Severe
Major marketing company RR Donnelly has disclosed that they had data stolen in a December cyberattack attributed to ransomware. The Conti ransomware group is suspected to be to blame. In the attack on December 27, 2021, the company experienced a systems intrusion that led it to shut down its network to prevent the attack’s spread. That led to disruptions for customers, with some unable to receive printed documents required for vendor payments, disbursement checks and motor vehicle documentation. The Conti ransomware gang claimed responsibility on January 15 and began leaking 2.5GB of the stolen data that has since been removed.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How It Could Affect Your Business: A recent rash of ransomware attacks against media and communications organizations should have everyone in that sector on notice.

 


 

Strategic Benefits Advisors, Inc

https://www.jdsupra.com/legalnews/data-breach-alert-strategic-benefits-8267696/

Exploit: Hacking

Strategic Benefits Advisors: Human Resources Consulting Firm


cybersecurity news represented by agauge showing severe risk


Risk to Business: 2.223 =Severe
In a recent legal filing, Strategic Benefits Advisors disclosed that an unauthorized third party had gained access to its data and may have removed several files containing consumer information. The Georgia-based company provides full-service employee benefits consulting for companies in many industries.



cybersecurity news represented by agauge showing severe risk


Individual Risk: 2.419=Severe
Strategic Benefits Advisors sent breach notification letters to more than 58,000 people to inform them of the exposure which the company says was limited to full names and Social Security numbers.

Customers Impacted: Unknown

How It Could Affect Your Business: Hackers have been especially interested in breaching companies that maintain large stores of data for other companies lately.

 


 

City of Tenino, Washington

https://www.govtech.com/security/washington-city-loses-280-309-to-successful-phishing-scam
Exploit: Phishing/BEC

City of Tenino, Washington: Municipality


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.717= Severe
The City of Tenino, Washington is down $280,309 in public funds according to the Washington State Auditor’s Office after a city employee fell for a phishing message that launched a business email compromise scam. Reports say that former Clerk Treasurer John Millard fell victim to a phishing message and paid cybercriminals a boatload of money, some without city council approval. The official reportedly initiated 20 automated clearing house payments from the city’s bank account to multiple out-of-state bank accounts. News outlets are also reporting that a warning was sent out to clerks about the phishing scam immediately but that didn’t stop this disaster from happening.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How It Could Affect Your Business: BEC is the most expensive cybercrime according to the FBI, 64X more expensive than ransomware – and it usually starts with phishing.

 


 

Switzerland – The International Red Cross

https://www.npr.org/2022/01/20/1074405423/red-cross-cyberattack
Exploit: Third Party/Supply Chain

The International Red Cross: Humanitarian Aid Organization


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.719 = Severe
The International Committee of the Red Cross has revealed that hackers have stolen data from a Swiss contractor that stores it for them. The stolen data includes information about over 515,000 highly vulnerable people that it has served, recipients of aid and services from at least 60 affiliates of the organization worldwide. The Red Cross says it typically reunites 12 missing people with their families every day through that program. As a result of this cyberattack, The International Red Cross has been forced to temporarily halt a program that reunites families torn apart by violence, migration or other tragedies. A spokesperson for the ICRC told news outlets that there have been no demands from the hackers in exchange for stolen data and that they were working with specialized firms to recover.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.

 


 

Italy – Montcler

https://www.bleepingcomputer.com/news/security/fashion-giant-moncler-confirms-data-breach-after-ransomware-attack/
Exploit: Ransomware

Montcler: Luxury Fashion & Outerwear


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.727= Severe
Luxury retailer Montcler has disclosed that it suffered a data breach in December 2021 after data began appearing on a cybercriminal leak site. The company confirmed that some data related to its employees, former employees, suppliers, consultants, business partners, and customers was stolen and subsequently leaked after they refused to pay the demanded $3 million ransom. The AlphaV (BlackCat) ransomware operation has claimed responsibility. The stolen data is said to include earning statements, spreadsheets with what appears to be customer information, invoices and other documents, but no specifics were provided.

Individual Impact: No information about exposed customer personal or financial data was available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: retailers have been steadily climbing the cybercriminal’s target hit list, especially luxury brands and specialty retailers.

 


 

New Zealand- Kings Plant Barn

https://www.nzherald.co.nz/business/kings-plant-barn-the-latest-retailer-hit-by-click-and-collect-data-breach/HJ45OFWAJ7NGGICU4THWBEZYOI/
Exploit: Third Party/Supply Chain

Kings Plant Barn: Garden Retailer


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.677 = Severe
Kings Plant Barn is notifying customers that it has experienced a data breach after a data security incident at FlexBooker. The garden chain says that client names, email addresses and collection times were exposed but not passwords or other sensitive data. FlexBooker experienced an attack before the holidays that resulted in the theft of more than three million user records. The platform is used for scheduling and employee calendar management by small businesses like doctor’s offices, real estate companies, service sector businesses and similar companies.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: In an increasingly interconnected world, SMBs need to be prepared for the security risks that they may face from a service provider’s security incident.

 


 

Singapore – Crypto.com

https://www.vice.com/en/article/epxb8m/crypto-protocol-publicly-announces-flaw-users-relentlessly-owned-by-hackers
Exploit: Hacking

Crypto.com: Cryptocurrency Trading Platform


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.806 = Severe
Crypto.com, a platform that allows users to swap tokens between blockchains, publicly announced an incident in which a flaw in the platform’s security allowed cybercriminals to snatch an estimated $31 million in cryptocurrency. The company disclosed that 483 users were impacted by unauthorized cryptocurrency withdrawals on their accounts amounting to 4,836.26 ETH, 443.93 BTC, and approximately US$66,200 in other cryptocurrencies. In response to this incident, the company is adjusting its protocols to include safeguards like requiring all customers to re-login and set up their 2FA token to ensure only authorized activity would occur and a new policy where the first withdrawal to a whitelisted address must wait 24 hours among other measures.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: 483

How it Could Affect Your Business: The financial industry has been besieged by cybercriminals and nothing si taking more of a beating than cryptocurrency and DeFi.

 
 


 
 

Indonesia – Bank Indonesia

https://www.bleepingcomputer.com/news/security/indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data/
Exploit: Ransomware

Bank Indonesia: Financial Institution


cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.721 = Moderate
Bank Indonesia (BI), the central bank of the Republic of Indonesia, confirmed that a ransomware attack hit its networks last month. In a statement, BI said that their operational activities were not disrupted. CNN reported that the hackers made off with non-critical data belonging to Bank Indonesia employees before deploying ransomware payloads on over a dozen systems on the bank’s network. Conti has claimed responsibility. It claims to have 13.88 GB worth of documents and leaked a sample of files allegedly stolen from Bank Indonesia’s network as proof.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Personal data is always a winner for cybercriminals who are looking to make a quick profit in the booming dark web data markets.

 

The Week in Breach News: 01/26/22 – 02/01/22
How to Prioritize Your Technology Gaps

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.