"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 03/29/23 – 04/04/23

Breach-2

Western Digital

https://thehackernews.com/2023/04/western-digital-hit-by-network-security.html
Exploit: Hacking
Western Digital: Computer Hardware Manufacturer



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.702 = Severe
Western Digital, a California-based provider of data storage hardware, has announced that it was hit by a cyberattack last Monday. In the March 26, 2023, incident, bad actors gained access to a number of the company’s systems, forcing the company to take some services and systems offline. In a statement, the company acknowledged that My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, SanDisk Ixp and Wireless Charger products were impacted. Reports say that cloud, proxy, web, authentication, emails and push notification services are experiencing outages.

How It Could Affect Your Business: Manufacturers like this are sitting ducks as cybercriminals ramp up efforts against the supply chain.

 

NCB Management Services

https://www.securityweek.com/500k-impacted-by-data-breach-at-debt-buyer-ncb/
Exploit: Hacking


NCB Management Services: Debt Buyer



1.51 – 2.49 = Severe Risk


Risk to Business: 1.873 = Severe
Accounts receivable management company and debt buyer NCB Management Services has started informing consumers that their personal information was likely compromised in a data breach. The incident is expected to impact roughly 500,000 individuals. NCB said that hackers compromised some of NCB’s systems on February 1, 2023, giving them access to information from closed Bank of America credit card accounts. Included in this breach were names, addresses, phone numbers, email addresses, birth dates, driver’s license numbers, Social Security numbers and employment information for account holders. Financial data such as pay amounts, credit card numbers, routing numbers, account numbers and balances, and account statuses was also snatched.

How It Could Affect Your Business: Finance has been the top sector hit by cybercriminals for the last few years as the economy contracts

Lumen Technologies

https://www.cybersecuritydive.com/news/lumen-ransomware-attack/646135/
Exploit: Ransomware


Lumen Technologies: Communications and Network Services



cybersecurity news gauge indicating extreme risk


Risk to Business: 1.311 = Extreme
Lumen Technologies has announced that it is dealing with not one but two cyber incidents. According to a filing with the U.S. Securities and Exchange Commission (SEC), Lumen discovered that a number of their servers that support a segmented hosting service had been infected with ransomware. The Louisiana-based company acknowledged that the ransomware is impacting a small number of its enterprise customers, disrupting call center operations. The company also said that in a separate incident, it had discovered that bad actors had gained access to another part of the company’s IT systems, installed a different type of malware and stole data. The firm is evaluating whether any personally identifiable information (PII) or other sensitive information was stolen.

How It Could Affect Your Business: This dose of double trouble will be a powerful blow to the company’s reputation as well as its finances.

Cornell University

https://theithacan.org/news/students-bank-accounts-hacked-because-of-ticketing-software-breach/
Exploit: Supply Chain Attack


Cornell University: Institution of Higher Learning



1.51 – 2.49 = Severe Risk


Risk to Business: 1.819 = Severe
Cornell University has released a security alert warning that purchase data for ticketholders at some of its recent events has been stolen as the result of a platform breach at one of its vendors, AudienceView. The school cautioned that people who had purchased tickets for shows and events organized by the Cornell Concert Series, Cornell Athletics, Cornell Tickets and the Schwartz Center for the Performing Arts may have had financial data stolen. In some cases, students reported that money had already been snatched from their bank accounts. Other colleges and universities including Ithaca College, Virginia Tech University, SUNY Oswego, Colorado State University, Loyola University Chicago and McMaster University in Canada have also been impacted by the AudienceView breach. The ticketing platform company said that the breach was caused by malware discovered in its systems and that it is working with Mandiant to investigate the incident.

How It Could Affect Your Business: This is a valuable score of fast-selling credit card and financial data that means big profits for the bad guys.

TMX Finance

https://www.bleepingcomputer.com/news/security/consumer-lender-tmx-discloses-data-breach-impacting-48-million-people/
Exploit: Hacking


TMX Finance: Consumer Lender



cybersecurity news gauge indicating extreme risk


Risk to Business: 1.423 = Extreme
TMX Finance, a lender based in Canada with operations in the U.S. and Canada, has disclosed a data breach that impacts customers of its subsidiaries TitleMax, TitleBucks, and InstaLoan. TMX said that the breach likely began in early December 2022 but that it did not detect the breach until February 13th, 2023. The personal data of 4,822,580 customers was potentially exposed in the incident. TMX says that the exposed customer data includes a client’s Full name, date of birth, passport number, driver’s license number, federal/state identification card number, tax identification number, U.S. Social Security number, financial account information, phone number, physical address and email address.

How it Could Affect Your Business: This will be an expensive disaster for TMX after regulators in both countries wind their way through its subsidiaries.

 

UK – Capita

https://www.infosecurity-magazine.com/news/outsourcer-capita-contained-cyber/
Exploit: Hacking


Capita: Business Services Provider



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.709 = Severe
London-based business services giant Capita has disclosed that it has been hit by a cyberattack that has caused disruption to some of its internal processes. The company said in a statement that the cyberattack, which took place last Friday primarily impacted access to internal Microsoft Office 365 applications and some online services for customers. The fallout lasted for about three days. Capita performs crucial operations for the NHS and the military in Britain. The company was still restoring online services for customers on Monday morning.

How it Could Affect Your Business: Business services providers have been front and center in the rising tide of supply chain cyberattacks.

Italy – Toyota Italy

https://securityaffairs.com/144151/hacking/toyota-customer-data-leak.html
Exploit: Human Error


Toyota Italy: Car Company



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.836 = Moderate
Toyota Italy has acknowledged that it accidentally leaked sensitive data about its customers for at least the last 18 months. The data leak occurred through likely misconfiguration in its Salesforce Marketing Cloud and Mapbox APIs. The company exposed its credentials to the Salesforce Marketing Cloud, giving bad actors possible access to Toyota clients’ phone numbers and email addresses, customer tracking information and email, SMS and push-notification contents. The company also exposed application programming interface (API) tokens for Mapbox, a U.S. based mapmaker. Toyota Italy said that it has taken steps to close those gaps.

How it Could Affect Your Business: Even a small misconfiguration or mistake with an API can be a huge, expensive disaster for a company

Crown Resorts

https://www.reuters.com/technology/crown-resorts-data-vendor-hacked-limited-number-its-files-impacted-2023-03-27/
Exploit: Hacking


Crown Resorts: Casino Operator



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.733 = Moderate
Crown Resorts is the latest company to fall victim to the exploitation of GoAnywhere. By the Cl0p ransomware group. The company said last Monday that a ransomware group had contacted Crown Resorts, claiming to have gained access to some files through the GoAnywhere file transfer service zero-day exploit. Crown Resorts was quick to reassure the public that no customer data was compromised, and the company’s resort, casino and business operations have not been impacted. More than 100 companies have been hit by Cl0p in the GoAnywhere snafu.

How it Could Affect Your Business: This might have been avoidable with fast patching once this exploit became public weeks ago.

Meriton

https://www.9news.com.au/national/meriton-cyber-hack-australia/63d500ca-8685-466b-8097-b45c25d40697

Exploit: Hacking


Meriton: Hotel Operator



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.733 = Severe
Major Australian hotel and holiday home operator Meriton has disclosed that it has experienced a cyber indent that led to the exposure of personal data. More than 1800 guests and staff members employed by Meriton may potentially have had their data stolen when hackers struck the luxury developer on January 14, 2023. Guests staying in Meriton properties may have had their contact information exposed. Meriton employees were hit harder, with their bank accounts, tax file numbers and employment information, which includes particulars about salaries, disciplinary history and performance appraisals possibly accessed by hackers. The company said that the incident was reported to the Australian Cyber Security Centre and the Office of the Australian Information Commissioner.

How it Could Affect Your Business: This breach hit two tracks of data for Meriton, doubling its chance of a big fine.

 

The Week in Breach News: 04/05/23 – 04/11/23
The Week in Breach News: 03/22/23 – 03/28/23

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.