"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 05/10/23 – 05/16/23

Breach-3

Two huge healthcare breaches, employee data gets exposed at the U.S. Department of Transportation, and bad actors feast on Sysco’s data.

 

PharMerica

https://www.bleepingcomputer.com/news/security/ransomware-gang-steals-data-of-58-million-pharmerica-patients/

Exploit: Ransomware

PharMerica: Pharmacy Services

 

Risk to Business: 1.362 = Extreme

A ransomware attack on pharmacy services company PharMerica has resulted in the exposure of confidential medical data for over 5.8 million patients. The Play ransomware group perpetrated the attack, which took place on March 12th, 2023. The gang was able to snatch the full names, addresses, dates of birth, social security numbers (SSNs), medications, and health insurance information of 5,815,591 people. The ransomware gang claimed to have stolen 4.7 TB of data during their attack on PharMerica including at least 1.6 million unique records of personal information, and it has already published the stolen data.

How It Could Affect Your Business: This incident is going to cost PharmMerica a fortune in both recovery costs and regulatory penalties.


 

NextGen Healthcare

https://www.securityweek.com/1-million-impacted-by-data-breach-at-nextgen-healthcare/

Exploit: Credential Compromise

NextGen Healthcare: Software Company

 

Risk to Business: 1.692 = Severe

NextGen Healthcare, a maker of electronic health recordkeeping solutions, has disclosed that it has experienced a data breach. An estimated one million individuals have been impacted by this incident. NextGen said that it noticed suspicious activity in its network on March 30, and an internal investigation determined that bad actors had access to the company’s data from March 29 and April 14, 2023. Stolen patient data includes a patient’s name, address, birth date and Social Security number. In its data breach filing, NextGen Healthcare told the Maine Attorney General’s office that the attackers accessed its database using stolen client credentials.

How It Could Affect Your Business: This type of data is extremely desirable on the dark web and valuable to bad actors, so it needs strong protection.


 

Sysco

https://www.bleepingcomputer.com/news/security/food-distribution-giant-sysco-warns-of-data-breach-after-cyberattack/

Exploit: Hacking

Sysco: Commercial Food Distributor

 

Risk to Business: 2.139 = Severe

Foodservice supply giant Sysco has announced that it has experienced a data breach that may have exposed customer and supplier data in the U.S. and Canada, as well as personal information belonging to U.S. employees. Sysco sent a letter to employees that revealed that the company detected an intrusion on March 5, however, the company believes bad actors had access to data as early as January 14, 2023. The company said that the hackers swiped company data, including internal operations files, customer data and personal data. Employees had their personal data compromised, with bad actors stealing their personal information provided to Sysco for payroll purposes, including name, social security number and bank account numbers.

How It Could Affect Your Business: The longer hackers spend inside a business environment, the more damage they can do. Reducing or eliminating dwell time is important.


 

U.S. Department of Transportation (DOT) 

https://therecord.media/us-department-transportation-responds-to-breach

Exploit: Hacking

U.S. Department of Transportation (DOT): Federal Government Agency

 

Risk to Business: 2.119 = Severe

The U.S. Department of Transportation (DOT) has experienced a data breach that has resulted in the exposure of personal data for an estimated 237,000 current and former federal employees. The agency said that the data breach impacts individuals that are enrolled in the US Department of Transportation’s (DOT) transit benefit program (TRANServe), a program that handles commuter transit benefits for federal agencies. Access to that program is currently offline. The breach impacted 114,000 current employees and 123,000 former employees. The employee information compromised as a result of the breach may include the name of TRANServe transit benefit recipients, their agency, work email address, work phone number, work address, home address, SmarTrip card number (used to ride the Washington, D.C. Metro) and/or TRANServe Card number.

How It Could Affect Your Business: This could have been much worse for DOT, but they’re still going to suffer a budget hit to clean up the mess.


 

National Gallery of Canada

https://therecord.media/national-gallery-canada-recovering-from-ransomware-attack

Exploit: Ransomware

National Gallery of Canada: Museum

 

Risk to Business: 2.781 = Moderate

The National Gallery of Canada has been forced to shut down its IT systems for the last two weeks in response to a ransomware attack. The gallery said that it discovered the attack on April 23. The museum reassured customers and members and that no customer data was stolen in the incident, admitting that some operational data had been lost. The National Gallery of Canada has remained open throughout the incident with limited technology and the attack is currently under investigation.

How it Could Affect Your Business: No organization is safe from becoming a victim of ransomware gangs, not even a museum.


Switzerland – ABB

https://therecord.media/abb-confirms-it-security-incident

Exploit: Ransomware

ABB: Technology Developer

 

Risk to Business: 2.866 = Moderate

The Black Basta ransomware gang is behind a successful ransomware attack on Swiss technology giant ABB. The attack took place on May 7, with sources reporting that it hit the company’s Windows Active Directory, affecting hundreds of devices. ABB severed VPN connections with customers to prevent the spread of the attack. ABB has confirmed the attack but refused to offer details. No word on any ransom demand was available at press time.

How it Could Affect Your Business: Technology companies are often service providers, making them attractive targets that can offer both profit and access to other businesses.


 

Australia – TechnologyOne

https://www.reuters.com/technology/australias-technologyone-halts-trading-after-being-hit-by-cyber-attack-2023-05-09/

Exploit: Ransomware

TechnologyOne: Software Company

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 1.883 = Severe

Tech company TechnologyOne is the latest Australian company to get hit by a ransomware attack. The software maker announced that it had been successfully attacked last Wednesday, with reports pointing to ransomware. The company said that bad actors gained access to its back-office systems. TechnologyOne was quick to reassure customers that “TechnologyOne’s customer-facing SaaS platform is not connected to the Microsoft 365 system, and therefore, has not been impacted.” The incident remains under investigation.

How it Could Affect Your Business: A cyberattack like this can damage a company’s reputation leading to lost revenue.


 

Australia – Ambulance Victoria

https://theconversation.com/a-cancer-centre-is-the-latest-victim-of-cyber-attacks-why-health-data-hacks-keep-happening-205131

Exploit: Human Error

Ambulance Victoria: Ambulance Service

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 2.786 = Moderate

Ambulance Victoria is in hot water after the discovery that it had exposed the results of confidential drug and alcohol tests for more than 600 employees. Officials told members of the Victorian Ambulance Union in an email that confidential spreadsheets containing the test results of pre-employment drug and alcohol testing of graduate paramedics in 2017 and 2018 had been available on the staff intranet until the union alerted Ambulance Victoria to the problem last week. The exposed information included the full names of graduate paramedics, when they were tested, whether the result was positive or negative, and, if positive, the substance that had been detected. Ambulance Victoria blamed the data exposure on an “inadvertent process issue” and noted that it is under investigation. The Victorian Ambulance Union also said that is considering legal action.

How it Could Affect Your Business: Employees who receive regular security awareness training are less likely to make mistakes like this.


 

Japan – Toyota

https://therecord.media/toyota-apologizes-for-decade-long-data-exposure

Toyota: Automaker

Exploit: Misconfiguration

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 2.786 = Moderate

A cloud misconfiguration is to blame for a data security incident at Japanese motor company Toyota that exposed information about two million vehicles. The automaker has apologized for the incident that affected users of the onboard T-Connect driver assistance and emergency contact system for Toyota and Lexus G-Link technology. The company said that the data collected by those systems was improperly stored, resulting in the data being publicly available from November 2013 until the snafu was discovered last month. The exposed information included in-vehicle terminal IDs, chassis numbers and vehicle locations.

How it Could Affect Your Business: Employee mistakes like misconfiguration are a gateway to expensive, damaging disasters but they can be prevented.


 

The Week in Breach News: 05/17/23 – 05/23/23
The Week in Breach News: 05/03/23 – 05/09/23

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.