"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 02/15/23 – 02/21/23

Breach-6

U.S Federal Bureau of Investigation (FBI)

https://www.reuters.com/world/us/fbi-says-it-has-contained-cyber-incident-bureaus-computer-network-cnn-2023-02-17/

Exploit: Hacking
U.S. Federal Bureau of Investigation: Federal Government Agency



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.657 = Severe
The U.S. Federal Bureau of Investigation (FBI), an agency that is often tapped to investigate cyberattacks, is investigating a cyberattack of its own. The agency has not released any specifics about the incident, but news outlets report the hacking involved systems based in the Bureau’s New York field office used by investigate child sexual exploitation. No clear timeline on this hack has been made available and the FBI has offered no comment beyond confirming that the Bureau is investigating a cyber incident.

How It Could Affect Your Business: Government agencies and entities at every level are prime targets for the bad guys.

 

Burton Snowboards

https://www.bleepingcomputer.com/news/security/burton-snowboards-cancels-online-orders-after-cyber-incident/

 

Exploit: Hacking

 


Burton Snowboards: Athletic Equipment Company



1 – 1.5 = Extreme Risk


Risk to Business: 1.402 = Extreme
Legendary snowboard maker Burton has canceled all of its online orders because of an unspecified cyber incident. The company said in a statement that it was experiencing an online outage because of a cyberattack. Customers were advised to buy in person at Burton retailer or use the company’s rental program. Burton said that it’s currently investigating the incident with the help of outside experts to establish its impact. No word on what if any data was affected or a timeline for Burton to resume processing online orders.

How It Could Affect Your Business: Retailers have been seeing increasing cybersecurity problems around their online operations.
 

Lehigh Valley Health Network (LVHN)

https://www.wfmz.com/news/area/lehighvalley/lvhn-reports-cyberattack-by-russian-ransomware-gang/article_6ceb11e0-b133-11ed-9bdc-7b7c0a2adf99.html

 

Exploit: Ransomware

 


Lehigh Valley Health Network: Healthcare Provider



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.808 = Severe
Lehigh Valley Health Network, based in Pennsylvania, has disclosed that it has been the victim of a ransomware attack by the Black Cat/ALPHV ransomware group. The hospital system was quick to assure the public that it was not experiencing any operational disruption. LVHN did not specify the demanded ransom amount but did state that they have no intention of paying the extortionists. The hospital says that on February 6, 2023, the group gained access to the network in a radiology office connected to the hospital and used that access to launch a ransomware attack against LVHN. BlackCat allegedly stole patient data in this attack, including patient images regarding radiation oncology treatment.

How It Could Affect Your Business: Healthcare targets have been getting hammered by ransomware groups and hackers thanks to the wide array of valuable data they hold.

 

 

United Kingdom – National Health Service (NHS)

https://www.infosecurity-magazine.com/news/data-leak-hits-thousands-of-nhs/

 

Exploit: Human Error

 


National Health Service (NHS): Government Agency



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.779 = Moderate
Britain’s National Health Service (NHS) has experienced a data leak caused by an employee error. Around 14,000 employees at The Liverpool University Hospital Foundation Trust (LUHFT) have been informed that their personal data may have been exposed because of any employee blunder. In the incident, an employee mistakenly sent an Excel file sent to hundreds of NHS managers and 24 external accounts containing personal and sensitive payroll information. Impacted workers have been informed in a letter of apology and the incident has been reported to the Information Commissioner’s Office.

How It Could Affect Your Business: Employee mistakes can cause expensive data security incidents that are as bad or worse than a cyberattack.

Ireland – Tusla

https://www.thejournal.ie/tusla-contact-20000-people-data-compromised-during-hse-cyber-attack-5999841-Feb2023/

 

Exploit: Supply Chain Breach

 


Tusla: Government Agency



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.879 = Moderate
Ireland’s children and family services agency Tusla will begin informing an estimated 20,000 people that their data was compromised during a 2021 cyber-attack on the HSE. That agency provides IT services for Tusla. The impacted data belonged to both individuals and to staff members. Officials offered HR data as an example of the internal use data types that could be involved and referral letters, reports, email correspondence as examples of the user data that was compromised. Victims will have the option to go to an online portal to find out the specifics about their compromised data or call a hotline.

How it Could Affect Your Business: Security problems at service providers quickly end up becoming security problems for their clients.

 

Portugal – Aguas do Porto

https://securityaffairs.com/142477/cyber-crime/lockbit-water-utility-aguas-do-porto.html

 

Exploit: Ransomware

 


Aguas do Porto: Utility



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 1.709 = Severe
The Lockbit ransomware gang is supposedly behind a ransomware attack on Portuguese water utility Aguas do Porto. The group claims to have stolen data and added the utility to its dark web leak site last week with a “pay by” demand date of March 7, 2023, to avoid the release of that data. The company confirmed that it did experience a security breach on January 30. Aguas do Porto said that the attack impacted some of its services, but not the water supply and sanitation operations. The National Cybersecurity Center and the Judiciary Police are investigating the security breach.

How it Could Affect Your Business: Infrastructure targets are favorites of ransomware groups, with 14 of 16 infrastructure sectors experiencing attacks last year.

 

Bulgaria – MyQRcode

https://therecord.media/all-classes-canceled-at-irish-university-as-it-announces-significant-it-breach/
Exploit: Misconfiguration

 


MyQRcode: Code Generator Website



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.711 = Severe
Popular Bulgaria-based QR code generator website MyQRcode has been leaking data due to a misconfiguration. The site has leaked an estimated 128 GB of data that includes the personal information of about 66,000 users. The Elasticsearch server involved was accidentally left publicly accessible without any security authentication or password. That problem was compounded by the fact that the company was seemingly unaware of the problem and continues to update the server with new user records daily until recently. The leaked data includes personal and login credentials of My QR Code customers, including full names, job titles, email addresses, password hashes, URLs to QR codes, phone numbers, mailing addresses, links to users’ social media profiles and links to users’ personal, business, or company websites.

How it Could Affect Your Business: Misconfigurations can create tremendous problems that can take a long time to discover.

India – RailYatri

https://www.hackread.com/indian-ticketing-platform-railyatri-hacked/
Exploit: Hacking

 


RailYatri: Transportation Booking Platform



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.823 = Severe
Major Indian rail booking platform RailYatri has suffered a data breach that has resulted in personal information becoming exposed for over 31 million travelers. The initial breach occurred in December 2022, but the customer data was just made available in the dark web forum Breachforums. The 12 GB worth of leaked data includes users’ email addresses, full names, genders, phone numbers and locations as well as 37,000 invoices detailing travel plans.

How it Could Affect Your Business: This kind of data is attractive to bad actors and can bring them a pretty penny when reselling it on the dark web.

 

The Week in Breach News: 02/22/23 – 02/28/23
The Week in Breach News: 02/08/23 – 02/14/23

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.