InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
The Week in Breach News: 06/02/21 – 06/08/21
United States iConstituent
https://www.nbcnews.com/politics/congress/house-communications-vendor-compromised-ransomware-attack-n1269934Exploit: Ransomware
IConstituent: Communications Services
Risk to Business: 1.655= Severe
A major service provider to members of the US House of Representatives is recovering from a ransomware incident that has left Members scrambling. iConstituent provides constituent communications services for House offices including facilitating Member emails and newsletters. The House Chief Administrative Officer (CAO) is coordinating a response with iConstituent, and the CAO has announced that no other House data or systems have been compromised.
How It Could Affect Your Business: Ransomware against service providers has been a hot profit center for cybercriminals and they’re not letting up on potentially vulnerable targets.
United States – Cox Media Group
https://therecord.media/live-streams-go-down-across-cox-radio-tv-stations-in-apparent-ransomware-attack/Exploit: Ransomware
Cox Media Group: TV & Radio Station Operator
Risk to Business: 1.227= Extreme
A number of TV and radio stations around the US went dark briefly after a suspected ransomware attack on parent company Cox Media Group. Stations impacted included News9, WSOC, WSB, WPXI, KOKI, and almost all Cox radio stations. The Cox Media Group owns 57 radio and TV stations across 20 US markets. Internal networks and live streaming capabilities for other Cox media properties, such as web streams and mobile apps, were also impacted in the June 35r event. Service was quickly restored and the event is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks against strategic targets like this are becoming all too common as ransomware gangs seek to cause maximum buzz for maximum profit.
United States – Navistar International Corporation
https://www.reuters.com/technology/us-truck-maker-navistar-says-aware-it-breach-2021-06-07/Exploit: Ransomware
Navistar International Corporation: Specialty Vehicle Manufacturer
Risk to Business: 2.812= Moderate
Truck manufacturer Navistar International has notified the Securities and Exchange Commission (SEC) that they’ve fallen prey to a ransomware attack. Navistar makes trucks, buses and diesel engines, while its Navistar Defense subsidiary produces several US military vehicles. The company confirmed that there was data exfiltration in the suspected ransomware attack, but no details have been made available regarding the nature of that data.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.
United States – New York Metropolitan Transit Authority (M.T.A.)
https://www.nytimes.com/2021/06/02/nyregion/mta-cyber-attack.html
Exploit: Nation-State hackingNew York Metropolitan Transit Authority (M.T.A.): Regional Transport Operator
Risk to Business: 2.812= Moderate
Officials at NY M.T.A released information that their system had been the target of a cyberattack by a hacking group believed to have links to the Chinese government. According to the report, nation-state actors penetrated the Metropolitan Transportation Authority’s computer systems in April. The investigation has concluded and NY M.T.A. was able to confirm that no sensitive data or rider data was impacted.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.
United States – LineStar Integrity Services
https://www.wired.com/story/linestar-pipeline-ransomware-leak/Exploit: Ransomware
LineStar Integrity Services: Pipeline Technology Services
Risk to Business: 2.522= Severe
Cybersecurity researchers discovered that pipeline technology provider LineStar Integrity was hit in a ransomware incident at approximately the same time as Colonial Pipeline resulting in 70+GB of company data finding a new home on the dark web. LineStar Integrity Services sells auditing, compliance, maintenance, and technology services to pipeline customers and is based in Houston, TX.
Customers Impacted: Unknown
How it Could Affect Your Business: Increasing frequency off cyberattacks on service providers show that cybercriminals are taking every chance to strike against linchpins of business services.
United Kingdom – Furniture Village
https://www.theregister.com/2021/06/04/furniture_village_confirms_cyberattack/Exploit: Hacking
Furniture Village: Home Goods Retailer
Risk to Business: 1.115 = Extreme
UK home goods giant Furniture Village has confirmed that it has been suffering the impact of an unnamed cyberattack. For the past week, the company’s internal systems, as well as some customer-facing systems, have been experiencing outages. The company stated that no data appears to have been stolen. Impacted systems include included delivery systems, phone systems, and payment mechanisms.
Customers Impacted: Unknown
How it Could Affect Your Business: Attacks on older systems are often easy money for cybercriminals looking for data to sell with a low overhead and fast turnaround time.
Australia – New South Wales Health (NSW Health)
https://www.zdnet.com/article/nsw-health-confirms-data-breached-due-to-accellion-vulnerability/Exploit: Third-Party Data Breach
New South Wales Health (NSW Health): Regional Healthcare Agency
Risk to Business: 1.616 = Severe
New South Wales Health has confirmed that it is the latest organization impacted by the major cyberattack on the file transfer system owned by medical data services provider Accellion last month. The state entity said that no medical records maintained in public hospitals were affected. The agency has begun notifying people whose data may have been accessed. NSW Health has upgraded its technology to avoid future problems.
Individual Risk: 1.616 = Severe
New South Wales Health disclosed that identity information and health-related personal information were exposed for some patients. The agency is in the process of contacting people who have been impacted.
How it Could Affect Your Business: Attacks on major data processors like this puts many businesses at risk. Cybercriminals are hungry for saleable information and these places are treasure troves.
Japan – Fulifilm
https://www.bleepingcomputer.com/news/security/fujifilm-confirms-ransomware-attack-disrupted-business-operations/Exploit: Ransomware
Fujifilm: Film & Photo Technology Developer
Risk to Business: 1.922 = Severe
Legendary Japanese film technology company Fujifilm announced that it has been the victim of a ransomware attack that has impacted its operations. The purported ransomware attack led to a network outage that impacted access to email for employees, billings system and a problem reporting system. Experts believe that this attack was carried out with REvil technology. Investigation and recovery have begun and many systems have been fully restored.
Customers Impacted: Unknown
How it Could Affect Your Business: Business disruptions from ransomware attacks can be costly even if no business or customer data is stolen, and extra costs for recovery can add up.
About the author
