"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 01/26/22 – 02/01/22

Advocates

https://www.scmagazine.com/analysis/breach/68k-affected-by-data-theft-sophisticated-network-hack-of-nonprofit-advocates
Exploit: Hacking

Advocates: Health & Social Services Non-Profit


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.727= Severe
Advocates announced that it had been the victim of a cyberattack. A hacker gained access to the organization’s network in mid-September 2021. The attacker gained access to data tied to 68,000 clients served by Advocates and likely copied the data. The Massachusetts-based non-profit provides a range of services for individuals with autism, brain injuries, mental health, addiction, and other health conditions. Advocates is cooperating with the ongoing FBI investigation.



cybersecurity news represented by agauge showing severe risk


Individual Risk: 1.603= Severe
Current and former clients of Advocates are at risk of having their data exposed in this incident. The stolen data included names, contacts, Social Security numbers, dates of birth, client identification numbers, health insurance information, diagnoses and treatments. All impacted individuals will receive free credit monitoring and identity theft protection services.

Customers Impacted: 68,000

How It Could Affect Your Business: Companies that store large quantities of personal or medical information are prime targets for the bad guys.

 

 

Senate of Puerto Rico

https://abcnews.go.com/International/wireStory/official-puerto-ricos-senate-targeted-cyberattack-82495236
Exploit: Hacking

Senate of Puerto Rico: State Legislative Body


cybersecurity news represented by agauge showing severe risk


Risk to Business: 2.223 =Severe
Puerto Rico’s Senate announced Wednesday that it was the target of a cyberattack that disabled its internet provider, phone system and official online page Senate President José Luis Dalmau said in a statement that there is no evidence that hackers were able to access sensitive information belonging to employees, contractors or consultants, although the incident is still under investigation.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Cyberattacks o government agencies have been ramping up in recent months without the impetus of added tension in Eastern Europe.

 

 

Kings County Public Health Department

https://portswigger.net/daily-swig/california-public-office-admits-covid-19-healthcare-data-breach
Exploit: Misconfiguration

Kings County California Public Health Department: Local Government Agency


cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.711= Moderate
Kings County, California announced that the security flaw in its public webserver made limited information on COVID-19 cases available on the internet. The misconfiguration has been chalked up to a negligent third-party contractor. Discovered in mid-November 2021, officials say that the flaw was in place starting on February 15, 2021, and was corrected on December 6, 2021.



cybersecurity news represented by a gauge indicating moderate risk


Individual Risk: 2.701= Moderate
In a statement, the county said that names, dates of birth, addresses and COVID-related health information for county COVID-19 cases was among the data that was available to view. They’ve set up a dedicated call center to answer questions from the public.

Customers Impacted: Unknown

How It Could Affect Your Business: Misconfiguration incidents due to employee or contractor negligence are just as expensive and damaging as cybercrime when regulators get finished with companies that have them.

 

 

Canada – Global Affairs Canada

https://www.bleepingcomputer.com/news/security/canadas-foreign-affairs-ministry-hacked-some-services-down/
Exploit: Hacking

Global Affairs Canada: National Government Agency


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.719 = Severe
Global Affairs Canada (GAK) Canada’s foreign affairs ministry has announced that it was the victim of an unnamed cyberattack on January 19, 2022. The Treasury Board of Canada Secretariat (TBS), Shared Services Canada, and Communications Security Establishment confirmed the incident in a joint statement. GAC says that critical services remain accessible, but some online services are unavailable as the recovery efforts continue. No information has been released about the identity of the attackers or the specific attack type, a subject of interest at a time of heightened risk for nation-state cyber activity.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Organizations should keep in mind the fact that the preferred weapon of nation-state cybercriminals is ransomware.

 

 

United Kingdom – Qubit Finance

https://therecord.media/qubit-finance-platform-hacked-for-80-million-worth-of-cryptocurrency/
Exploit: Hacking

Qubit Finance: De Fi Platform


cybersecurity news gauge indicating extreme risk


Risk to Business: 1.204= Extreme
A threat actor has stolen approximately $80 million from Qubit Finance after exploiting a flaw in the De Fi platform. Qubit said the attacker was able to steal 206,809 Binance coins (BNB) from its wallet on January 27, 2022. The hacker used a vulnerability in one of its Ethereum blockchain contracts to do the deed. The company has issued a public plea for the threat actor to return the stolen funds, asking them to get in contact with its team to “disclose the bug and receive a bounty reward”. This is sometimes used as a means of circumventing legal trouble for paying a ransom.

Individual Impact: No information about exposed customer personal or financial data was available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: DeFi has been buried under an avalanche of cybercrime lately and there doesn’t appear to be an end in sight.

 

 

France – Ministry of Justice (Chancellerie)

https://www.securityweek.com/french-ministry-justice-targeted-ransomware-attack
Exploit: Ransomware

Ministry of Justice: National Government Agency


cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.876 = Moderate
An outfit that identifies themselves as LockBit 2.0 posted a message on their dark web leak site claiming to have hit the French Ministry of Justice’s systems, making off with data. The hackers did not specify what data was stolen or how much, but they are threatening to expose it in early February if they’re not paid an unspecified ransom. The ministry’s press office has told reporters that it is aware of the claim and that an investigation has been launched.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Cybercriminals have been having a field day going after government agencies, a problem that is only growing worse.

 

 

Belarus – Belarusian Railways

https://therecord.media/cyber-partisans-hacktivists-claim-credit-for-cyberattack-on-belarusian-railways/
Exploit: Hacking

Belarusian Railways: Rail Transportation Authority


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.806 = Severe
As tensions mount in Eastern Europe, the hacktivist group “ Cyber Partisans” announced on Twitter that they had disrupted networks and databases related to the national rail system in Belarus on January 31, 2022. The group demanded the release of political prisoners and a guarantee preventing the use of railway transportation infrastructure to support Russian troop movements. The railroad’s website appears to confirm that online resources and systems related to issuing electronic tickets are not operational. No further details of the incident were available at press time.

Individual Impact: No specifics about consumer/employee PII or financial data loss were available at press time.

Customers Impacted:
How it Could Affect Your Business: International tensions are rising, creating more opportunities for activism and nation-state cybercrime.

 

 

South Africa – Curo Fund Services

https://mybroadband.co.za/news/security/432056-ransomware-attack-took-down-r2-trillion-investment-company-for-five-days.html

Exploit: Ransomware

Curo Fund Services: Financial Services


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.621 = Severe
Curo Fund Services, South Africa’s biggest provider of investment administration services, was the victim of a ransomware attack that left the company unable to access its systems for five days. The company assured clients that no money was at risk and their sensitive data was not in jeopardy. The attack prevented Curo’s clients from processing investment-related instructions or offering other services through the company’s platform. The incident is under investigation.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: The financial sector has been a huge target for ransomware groups, from De Fi platforms to investment banking houses, and companies should be very cautious.

 

 

Singapore – Delta Electronics

https://thestack.technology/delta-electronics-ransomware-attack/?amp=1
Exploit: Ransomware

Delta Electronics: Computer Hardware Manufacturing


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.771 = Severe
Delta Electronics has disclosed that it was the victim of a ransomware attack. The company, a supplier of power management products for Dell and HP, says that they are experiencing technical difficulties that have been limited to non-critical networks. Reports say that customer support and service sites for the US and EMEA clients were unavailable for about 10 days after the attack. An unnamed threat actor has claimed responsibility.

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Epic supply chain problems have manufacturers under stress, and cybercriminals love to take advantage of a bad situation.

 

 
 
Change Management Basics for Technology Refreshes
The Week in Breach News: 01/19/22 – 01/25/22

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.