"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 03/22/23 – 03/28/23

Breach-2

The City of Oak Ridge, Tennessee

https://www.scmagazine.com/brief/ransomware/ransomware-attack-disrupts-tennessee-city

Exploit: Ransomware
The City of Oak Ridge, Tennessee: Municipal Government



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.702 = Severe
Officials in the City of Oak Ridge, TN, have disclosed that the city has been hit by a ransomware attack that has caused a network disruption that has impacted city services. Officials were quick to reassure citizens that the Oak Ridge Police Department and the city’s fire department could still be contacted through 911 and weren’t affected. However, the city was left unable to process utility payments due to the malware attack, noting that disconnect orders and late fees will not be added during the outage. Officials say that they are working to restore services as quickly as possible.

How It Could Affect Your Business: Governments at every level continue to be popular targets for ransomware groups.

Puerto Rico Aqueduct and Sewer Authority (PRASA)

https://securityaffairs.com/144022/hacking/puerto-rico-aqueduct-and-sewer-authority-attack.html

Exploit: Ransomware


Puerto Rico Aqueduct and Sewer Authority (PRASA): Utility



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.711 = Moderate
The Vice Society ransomware group has claimed responsibility for a ransomware attack on the Puerto Rico Aqueduct and Sewer Authority (PRASA). Officials disclosed the attack on March 19, saying that threat actors had gained access to customer and employee information. People impacted are being informed by letter. Utility services were not affected.

How It Could Affect Your Business: 14 of 16 critical infrastructure sectors were hit by ransomware attacks last year.

 

Kroger Postal Prescription Services

https://www.jdsupra.com/legalnews/kroger-postal-prescription-services-4845634/

Exploit: Human Error


Kroger Postal Prescription Services: Pharmacy Delivery Service



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.706 = Severe
Kroger Postal Prescription Services (PPS) has filed a notice of a data breach. In a report to the Department of Health and Human Services, PPS noted that 82,466 Kroger customers who created online PPS accounts from July 2014 to Jan. 13, 2023, had their names and email addresses compromised due to an employee error. PPS said that on March 15, 2023, they sent out data breach letters to all individuals whose information was compromised.

How It Could Affect Your Business: Employee errors are a gateway to expensive, damaging data breaches and other cybersecurity problems, and training reduces them.

SundaySky Inc.

https://www.jdsupra.com/legalnews/sundaysky-inc-notifies-37-095-consumers-9885854/

Exploit: Hacking


SundaySky Inc.: Video Marketing Platform



1.51 – 2.49 = Severe Risk


Risk to Business: 1.623 = Severe
SundaySky Inc. is a video marketing software company based in New York, has admitted that it has suffered a data breach thanks to hackers breaking into a few of its servers. The company said that an unauthorized party had accessed its cloud-based U.S. servers and copied certain files between January 6 and January 8, 2023. SundaySky works with healthcare providers including health plans to create marketing videos. Consumer information was accessed in the incident including consumers’ first names, personal email addresses and information related to their Healthcare Savings Accounts. The company said that it is working with federal law enforcement to investigate the incident.

How It Could Affect Your Business: Companies that are adjacent to the healthcare industry need to maintain a strong security posture to avoid expensive disasters.

US Wellness

https://fox59.com/business/press-releases/cision/20230322SF49760/us-wellness-provides-notification-of-data-security-incident/

Exploit: Supply Chain Attack


US Wellness: Healthcare Provider



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.899 = Moderate
Blue Cross Blue Shield of Arizona (BCBSAZ) members are being informed that their personal data may have been compromised in a data breach involving a vendor of BCBSAZ, US Wellness. In turn, US Wellness points to one of its vendors as the source of the data breach. US Wellness says that it was informed on January 31, 2023, that an unnamed vendor had experienced a data breach. Ultimately, US Wellness was informed on February 9, 2023, that the vendor’s incident resulted in the exposure of personal data belonging to BCBSAZ members. Information impacted includes a member’s name, address, date of birth, member ID number, where a service originated and address of the service location.

How it Could Affect Your Business: Supply chain risk, especially from service providers, is a top concern for businesses as it continues to grow.

Twitter

https://www.theverge.com/2023/3/27/23657928/twitter-source-code-leak-github

Exploit: Malicious Insider


Twitter: Social Media Platform



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.709 = Severe
Troubled social media giant Twitter has disclosed that some proprietary source code for Twitter’s platform and internal tools was exposed via GitHub. Twitter recently made a court filing in California to force GitHub to turn over data that could help the platform find the person responsible for the leak and give them information about any other GitHub users who may have downloaded the data. Twitter has also asked GitHub to take down the code. The New York Times reports that Twitter sources tell them that the company suspects that an employee who left the company last year may be responsible for the leak. GitHub has not commented on whether or not it would comply with Twitter’s request, but the information has apparently been available for several months. Twitter no longer has a press office to respond to inquiries, a casualty of the Elon Musk takeover.

How it Could Affect Your Business: Disgruntled employees are a huge security risk, and many take proprietary data with them when they leave a company.

The City of Toronto

https://www.bleepingcomputer.com/news/security/city-of-toronto-confirms-data-theft-clop-claims-responsibility/
Exploit: Supply Chain Attack


The City of Toronto: Municipal Government



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.836 = Severe
The Cl0p ransomware group has been on a cyberattack spree after turning its sights to exploiting a remote code execution flaw in Fortra’s GoAnywhere secure file transfer tool. The latest victim added to the list is the City of Toronto, Canada. The city confirmed on March 23, 2023, that it has experienced a data breach through an attack on a third-party vendor, resulting in the exposure of unspecified city data. The city says that it is in the early stages of its investigation, and it has not yet uncovered evidence that consumer data was impacted. Over 100 organizations have been hit by Cl0p in this crime wave including two others recently added to the gang’s dark web leak site, Virgin Red and the UK’s Pension Protection Fund (PPF).

How it Could Affect Your Business: Once a bad actor finds a juicy exploit, they’ll hammer at it until it stops working. Patching and regular maintenance can help reduce risk.

 

UK -Walsall Healthcare NHS Trust

https://www.birminghammail.co.uk/black-country/walsall-healthcare-nhs-trust-dealing-26542780
Exploit: Hacking


The Walsall Healthcare NHS Trust: Healthcare Provider



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.733 = Moderate
The Walsall Healthcare NHS Trust, the operator of Walsall Manor Hospital, said that it has been hit by a cyberattack. The incident began two weeks ago on March 10, although it was only made public last Thursday, and it has since been contained. Hospital operations did not appear to be impacted. Signs point to a data breach, but exactly what data has been stolen was not specified. Hospital officials said that they are working with the U.K.’s National Cyber Security Centre and the Information Commissioner’s Office (ICO) to investigate the incident.

How it Could Affect Your Business: This hospital got lucky, bad actors have been pounding hospitals with ransomware.

Alliance Healthcare

https://www.scmagazine.com/news/incident-response/cyberattack-hits-spanish-pharmaceutical-company-alliance-healthcare

Exploit: Ransomware


Alliance Healthcare: Pharmaceutical Company



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.733 = Severe
Spain’s leading pharmaceutical company, Alliance Healthcare, has experienced a likely ransomware attack. The company said that the attack began on March 17 and led to a complete shutdown of the company’s website, billing systems and ordering processes. The incident has led to drug supply shortages due to the snarled ordering and shipping systems as pharmacies scramble to resupply from other drug companies. Those delays and outages may linger. The incident remains under investigation.

How it Could Affect Your Business: Pharmaceutical companies have two major cyberattack risk factors: they’re suppliers and in the hard-hit healthcare sector.

Guam – Docomo Pacific

https://www.telecomlead.com/telecom-services/docomo-pacific-says-cyber-attack-impacted-systems-109533
Exploit: Hacking


Docomo Pacific: Telecommunications Provider



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.733 = Severe
Docomo Pacific, a major provider of mobile, television, internet and telephone services in Guam and the Northern Mariana Islands, has experienced a cyberattack that has negatively impacted its systems. The company disclosed that the March 18, 2023 attack led to customers throughout the region losing some of their services. The company stressed that customer data, mobile network services and fiber services remain unaffected. Some services were restored over the weekend, but the company has not offered a timeline for other services being restored after a Facebook post with a service restoration update was inundated with comments from angry customers.

How it Could Affect Your Business: Communications companies are infrastructure targets too, an attractive proposition for bad actors because of the time-sensitive nature of their business.

The Week in Breach News: 03/29/23 – 04/04/23
The Week in Breach News: 03/14/23 – 03/21/23

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.