InTegriLogic Blog
The Week in Breach News: 06/05/24 – 06/11/24
This week: Another big data breach has something in common with other recent large breaches and nation-state hacking in Germany.
Palomar Health Medical Group
https://www.sandiegouniontribune.com/news/health/story/2024-05-24/suspected-cyber-attack-continues-to-hobble-operations-at-palomar-health-medical-group
Exploit: Hacking
Palomar Health Medical Group: Healthcare Provider
Risk to Business: 2.201 = Severe
Palomar Health Medical Group continues to operate without fully functional systems after a cyberattack knocked it offline. The medical group’s hospitals in Escondido and Poway are not affected, but representatives said in a statement that the attack hit its outpatient facilities, including its Graybill medical offices, limiting their operations. The attack was discovered on May 5, 2024. There is no anticipated timeline for the resumption of full operations.
How It Could Affect Your Business: Healthcare centers must be careful to implement robust security because they are frequent targets for cybercriminal activity, creating public health risk.
Germany – Christian Democratic Union (CDU)
https://therecord.media/germany-opposition-party-cyberattack-europe
Exploit: Hacking (Nation-State)
Christian Democratic Union (CDU): Political Party
Risk to Business: 1.856 = Severe
Germany’s major opposition party, the Christian Democratic Union (CDU), announced that it has experienced a large-scale cyberattack, and they suspect that Russia-aligned threat actors are involved. The attack led the party to take down and isolate parts of its IT infrastructure as a precaution. Officials said that law enforcement is investigating. This incident, occurring just before the European Parliament elections, follows a similar attack on the SPD attributed to Russian state-controlled hackers.
How It Could Affect Your Business: Governments and government agencies have seen an increasing tide of pressure from bad actors that is expected to continue.
France – Decathlon
https://cybersecuritynews.com/threats-claimimg-breach/
Exploit: Ransomware
Decathlon: Sporting Goods Retailer
Risk to Business: 1.721 = Moderate
Threat actors 888 claim to have stolen a database linked to France-based sporting goods retailer Decathlon. The company confirmed a data security incident involving email addresses of its Spanish employees, discovered on May 27 by its cybersecurity team in Spain. The data originated from a third-party application, and no passwords or customer data were affected.
How It Could Affect Your Business: It’s critical that every organization conduct regular phishing simulations to mitigate its risk for often email-based cyberattacks like ransomware.
The Netherlands – Heineken
https://www.cyberdaily.au/security/10659-over-8-000-heineken-employees-affected-in-alleged-cyber-attack
Exploit: Hacking
Heineken: Brewer
Risk to Business: 2.803 = Moderate
Cybercrime group 888 claims to have exfiltrated the data of 8,174 Heineken employees. The group said that the data belongs to employees across a number of countries, including an employee’s identification scans, full names, email addresses, company roles and more. The threat actors posted a sample of the data, which shows the details of 10 users from countries including Brazil, Nigeria, Indonesia and the UK.
How It Could Affect Your Business: A company’s employee data is just as valuable and attractive to cybercriminals as its customer data may be.
UK – LivaNova
https://cybernews.com/news/livanova-ransomware-attack
Exploit: Ransomware
LivaNova: Medical Device Maker
Risk to Business: 1.712 = Severe
UK-based medical device manufacturer LivaNova has informed affected individuals that it fell victim to a ransomware attack that led to the exposure of the personal data of current and former employees. Data exposed in the attack includes an employee’s name, telephone number, email, address, Social Security or national identification number, date of birth, financial account information, health insurance information, online credentials and work-related information, such as employee ID, compensation, disability status and evaluations.
How it Could Affect Your Business: This treasure trove of information contains details like identification numbers that help facilitate identity theft.
Vietnam – Vietnam Post
https://e.vnexpress.net/news/news/vietnam-s-national-postal-service-attacked-by-ransomware-4754280.html
Exploit: Ransomware
Vietnam Post: Postal Service
Risk to Business: 2.376 = Severe
Vietnam Post said its IT systems have been taken down by a ransomware attack. Officials say the attack happened at around 3 a.m. on June 6, directly impacting activities related to postal delivery. The Vietnam Post’s website and application were inaccessible starting Tuesday morning. Officials stressed that finance postal, public administration and good distribution services are still operating normally. The Vietnam Post said it is working with authorities and its partners to resolve the issues as soon as possible.
How it Could Affect Your Business: Disrupting a country’s postal service with a cyberattack could cause a widespread ripple effect that impacts many businesses.
Australia – Ticketek Australia
https://www.sbs.com.au/news/article/fresh-warning-after-ticketek-customers-personal-details-stolen-in-cybersecurity-incident/c1prvrxar
Exploit: Suppl Chain Data Breach
Ticketek Australia: Ticket Seller
Risk to Business: 2.866 = Moderate
Ticketek Australia has informed customers that sensitive stored on a cloud-based platform by a global third-party supplier had been exposed in a data breach at a third-party data storage provider. The company said that customer names, dates of birth and email addresses may have been exposed in the incident. This breach, as well as the recent Ticketmaster and Santander Bank breaches all appear to be related to the cloud data platform Snowflake. However, the platform claims that the breach was caused by its customers’ poor security procedures. The story is still developing.
How it Could Affect Your Business: Supply chain and third-party risk is a constant menace for organizations that they must take seriously.
New Zealand – Smith & Caughey’s
https://www.nzherald.co.nz/nz/smith-caugheys-set-to-close-department-store-falls-victim-to-cyber-attack-on-day-of-proposal-to-close-for-good/G25KF73IOFCX5C7CV32RS3LEPE
Exploit: Ransomware
Smith & Caughey’s: Retailer
Risk to Business: 2.602 = Moderate
Auckland department store Smith & Caughey’s has fallen victim to a cyberattack, on the same day it announced it proposed to close in early 2025, after 144 years in business. A store executive said that the store’s server and retail operations systems have been crypto-locked, likely the result of a ransomware infection. The official stated that the attack has impacted the store’s ability to communicate with staff, customers, suppliers and other critical stakeholders.
How it Could Affect Your Business: A ransomware attack can be enough to knock a teetering business out, making prevention mission-critical.
About the author
