InTegriLogic Blog
The Week in Breach News: 04/05/23 – 04/11/23
Proskauer Rose
https://news.bloomberglaw.com/business-and-practice/proskauer-rose-cyber-attack-left-sensitive-client-data-unguarded
Exploit: Human Error
Proskauer Rose: Law Firm
Risk to Business: 1.211 = Extreme
New York-based law firm Proskauer Rose has experienced a data breach that resulted in the exposure of sensitive client data. The firm said that the incident was the result of a misconfiguration after it hired an outside company to configure a cloud database. Unfortunately, that was done incorrectly and data from Proskauer’s merger and acquisitions business was left on an unsecured Microsoft Azure cloud server for an estimated six months. The 184,000 exposed files include financial and legal documents, contracts, non-disclosure agreements and financial deals.
How It Could Affect Your Business: Any service provider or supplier can be the reason for a company’s cybersecurity trouble.
Camden County Police Department
https://www.nbcnewyork.com/news/local/ransomware-attack-at-nj-county-police-department-locks-up-criminal-investigative-files/4219341/
Exploit: Ransomware
Camden County Police Department: Law Enforcement Agency
Risk to Business: 1.873 = Severe
The Camden County, New Jersey Police Department (CCPD) disclosed that it has experienced a ransomware attack that has left it without access to some systems and data. CCPD said that access to criminal investigative files and day-to-day internal administration abilities have been impacted. A department spokesperson said that the incident began about three weeks ago. The hackers have made an unspecified ransom demand. The FBI, NJ State Homeland Security’s office and the New Jersey attorney general’s office were all notified of the incident and are assisting in the investigation.
How It Could Affect Your Business: Agencies that hold sensitive data are juicy targets for cybercriminals looking for a quick score.
Nordik Spa
https://toronto.citynews.ca/2023/04/08/groupe-nordik-spa-data-breach/
Exploit: Hacking
Nordik Spa: Spa Chain
Risk to Business: 1.718 = Severe
Quebec-based luxury spa chain Nordik Spa has disclosed that it had experienced a data security incident that may have impacted customers who had purchased gift certificates on its website. The company said that customers who completed those transactions between November 4, 2022, and February 27, 2023, may have had their credit card data and personal information compromised. Exposed data may include customer’s personal data including full names, street addresses and credit card details. The incident is under investigation.
How It Could Affect Your Business: Any business engaging in online commerce needs to take extra precautions against credit card data theft.
Holland – Royal Dutch Football Association
https://therecord.media/netherlands-dutch-football-association-cyberattack-soccer
Exploit: Hacking
Royal Dutch Football Association: Sports League
Risk to Business: 2.819 = Moderate
The Royal Dutch Football Association has announced that hackers were able to steal the personal information of its employees during a cyberattack. Last Tuesday, a spokesperson from the league said that bad actors had penetrated the company’s network. The network was not taken down, but attackers were able to snatch employee data. Officials say that the incident has been reported to the Dutch Data Protection Authority.
How It Could Affect Your Business: Employee data is a good score for cybercriminals and it needs to be protected just as strongly as customer data
Belgium – The City of Herselt
https://cyberwarzone.com/herselt-municipality-hit-by-cyberattack/
Exploit: Hacking
City of Herselt: Municipal Government
Risk to Business: 1.423 = Severe
The municipality Herselt in Belgium has fallen victim to a cyberattack that has caused a disruption in city services. The attack left several municipal facilities closed including the Mixx Leisure Center, the town hall, the library and the Public Center for Social Welfare. City employees have been dealing with technology outages that have left them unable to send or receive emails and taken away access to services such as document requests, submissions, and the leisure center’s reservation system. Officials say that they are working to resolve the incident as quickly as possible.
How it Could Affect Your Business: Governments and government agencies have been favored targets of bad actors for ransomware and data theft in the past two years.
UK – UK Criminal Records Office
https://www.theregister.com/2023/04/06/acro_security_incident/
Exploit: Hacking
UK Criminal Records Office (ACRO): Government Agency
Risk to Business: 1.709 = Severe
The UK Criminal Records Office (ACRO) has disclosed that it has experienced a cybersecurity incident that has resulted in the agency taking its customer portal offline. The government agency manages criminal record information which is shared with employers, officials and other government agencies worldwide. The incident occurred between January and March 2023. In a caution letter to users of the service the agency said that identification information and criminal conviction data many have been exposed. The letter also noted that a nominated endorser’s name, relationship to the applicant, occupation, phone numbers, email address and case reference number could have been affected. The ICO and NCSC have been informed.
How it Could Affect Your Business: The extremely sensitive data that agencies like this hold is very valuable on the dark web.
Taiwan – Micro-Star International
https://www.bleepingcomputer.com/news/security/money-message-ransomware-gang-claims-msi-breach-demands-4-million/
Exploit: Ransomware
Micro-Star International: Computer Hardware Manufacturer
Risk to Business: 2.836 = Moderate
The Money Message ransomware group has added Micro-Star International, a maker of motherboards, graphics cards and other computer components, to its dark web leak site. The group said that they snatched a variety of proprietary data including the hardware vendor’s CTMS and ERP databases and files containing software source code, private keys and BIOS firmware. All told the threat actors claimed to have stolen 1.5TB of data from MSI’s systems and they’re demanding a ransom payment of $4 million.
How it Could Affect Your Business: Information about operational technology (OT) is high on cybercriminal shopping lists.
Australia – OCR Labs
https://securityaffairs.com/144514/data-breach/ocr-labs-data-leak.html
Exploit: Human Error
OCR Labs: Technology Company
Risk to Business: 2.733 = Extreme
OCR Labs, a maker of digital identity technology, has experienced a data breach that has exposed sensitive network data belonging to several major clients. The incident was caused by a misconfiguration of the company’s system that left the data available on the internet to anyone. The data leak affected a range of clients including a variety of financial institutions in the UK and Australia. QBANK, Defence Bank, Bloom Money, Admiral Money, MA Money and Reed are among the institutions affected. The company said that it has taken steps to address the problem.
How it Could Affect Your Business: This is a major disaster for the reputation of a company with a stable full of big clients and it could damage its future prospects.