The Week in Breach News: 05/29/24 – 06/04/24

Risk to Business: 1.401 = Severe

Everbridge, a crisis management software company, informed customers of a recent breach where attackers accessed files containing business and user data. Detected on Tuesday, May 21, the attackers used information from a prior phishing attack on employees to breach the system. Compromised files included admin and user contact information, subscribed services and access methods. Everbridge is collaborating with incident response experts from Mandiant and Stroz Friedberg to evaluate the breach’s severity and impact. 

Risk to Business: 1.8606 = Severe

The Seattle Public Library suffered a ransomware attack over Memorial Day weekend, forcing all 27 locations to take their systems offline. While preparing for scheduled server maintenance, the library’s systems were attacked. The website and some digital services were restored overnight, but many services, including e-book access, computers, Wi-Fi, and printing, remain affected. The library is posting updates on its blog and cannot confirm if data was compromised or when full functionality will be restored.

Risk to Business: 1.227 = Extreme

Live Nation, the parent company of Ticketmaster, revealed Friday evening that it was the victim of a cyber attack that compromised user data. The company said in a filing with the U.S. Securities and Exchange Commission that it discovered an “unauthorized activity within a third-party cloud database,” on May 20 and promptly launched an investigation. ShinyHunters claimed responsibility for the breach in an online forum and was seeking $500,000 for the data, which reportedly includes names, addresses, phone numbers and some credit card details of millions of Ticketmaster customers.

Risk to Business: 1.803 = Severe

The First Nations Health Authority in British Columbia confirmed a cyberattack on its corporate network detected on May 13. They deployed countermeasures to prevent network encryption but believe some employee and limited personal information was impacted. The health authority did not specify the type of data affected but stated no clinical information systems were impacted. They have engaged external cybersecurity experts and notified law enforcement and the Office of the Information and Privacy Commissioner.

Risk to Business: 2.712 = Severe

The BBC is investigating a data breach that exposed details of over 25,000 current and former employees. The corporation’s pension scheme notified members that their information had been stolen in a data security incident, affecting about 25,290 people. The breach involved data copied from an online storage service, including names, dates of birth, sex, home addresses, national insurance numbers and pension scheme membership status. No bank details, financial information, contact details, usernames, password or health information were compromised. The BBC confirmed there is no evidence of a ransomware attack. 

Risk to Business: 1.376 = Extreme

Major London hospitals have declared a critical incident after a cyber-attack disrupted operations and emergency services, affecting those partnered with Synnovis, a pathology services provider. This includes King’s College Hospital, Guy’s and St Thomas’ (including the Royal Brompton and Evelina London Children’s Hospital), and primary care services. The attack has severely impacted services, particularly blood transfusions and test results, leading to some procedures being canceled or redirected to other National Health Service (NHS) providers. GP services in Bexley, Greenwich, Lewisham, Bromley, Southwark and Lambeth are also affected. Despite this, emergency care remains available, and patients should attend appointments unless advised otherwise by the NHS. 

Risk to Business: 1.366 = Extreme

A ransomware attack has severely impacted Norsk Hydro ASA, a leading aluminum maker, forcing the shutdown of several automated production lines in the U.S. and Europe. The company is maintaining operations using manual processes. The aluminum industry, with few producers of technical products, is feeling the threat of supply disruption that could have a major ripple effect. It is too early to determine the exact operational and financial impact.

Risk to Business: 2.602 = Moderate

Guardian Childcare, a major provider in Victoria, suffered a cyberattack potentially affecting thousands of families. The breach led to the theft of scanned identification documents. Guardian advised affected families to contact the issuing authority for replacements and stay alert for potential scams.