The Week in Breach News: 06/19/24 – 06/25/24

Risk to Business: 1.201 = Extreme

Thousands of car dealers are facing disruptions due to two cyberattacks on CDK Global, an industry software provider. The BlackSuit ransomware group claimed responsibility. The attack led to ongoing outages in sales, financing and payroll systems, forcing some dealers to revert to manual operations. The first attack occurred last Tuesday evening, prompting CDK to shut down systems as a precaution on Wednesday. Although some systems were restored by Wednesday afternoon, a second incident occurred that evening, continuing to affect many dealers by Friday. Experts suggest CDK may have prematurely restored systems without fully resolving the issue, which could take weeks to fix.

Risk to Business: 1.856 = Severe

The LockBit ransomware group claims that it has stolen 33 TB of data from the U.S. Federal Reserve for ransom. The group says they breached the Federal Reserve Board (Federalreserve.gov). In a statement on its new dark web leak site, LockBit says they have “33 terabytes of juicy banking information” containing “American banking secrets.”  The group also infers that they are negotiating with the U.S. government for payment, an unlikely circumstance.  

Risk to Business: 1.721 = Severe

The Wisconsin Department of Health Services reported a cyber incident at Disability Rights Wisconsin (DRW) that may have exposed the private health information of nearly 19,150 Medicaid members. The breach was detected through unusual activity on a DRW email account. DRW is notifying affected individuals by mail and offering one year of free credit monitoring along with access to a dedicated call center.

Risk to Business: 1.803 = Severe

Financial Business and Consumer Solutions (FBCS) experienced a data breach affecting approximately 3 million Americans. The breach occurred in February 2024. FBCS says that it notified affected individuals in late April but only filed the result of their investigation until now. The leaked data may include names, addresses, birthdates, Social Security numbers, driver’s licenses, state ID data and medical information.

Risk to Business: 1.312 = Extreme

On June 12, 2024, the Newberg-Dundee School District in Oregon announced via district-wide email a suspected ransomware attack on their computer network. A separate email informed the community that the district’s phones and computer network were down. It was unclear at press time if any data had been stolen.

Risk to Business: 1.896 = Severe

Hackers targeted a technology testing environment of the Toronto District School Board (TDSB) to deploy ransomware on the main network. The board discovered unauthorized activity in a system used for testing programs. This environment is separate from official networks. The cybersecurity team promptly secured data and protected critical systems. Due to the ongoing investigation, officials can’t provide more details but will notify victims if personal information was accessed.

Risk to Business: 1.866 = Severe

A hacker named 888 recently leaked a file with the contact and personal details of 32,828 individuals, allegedly current and former Accenture employees. The data, including full names and email addresses, was posted on Breach Forums on June 19, 2024. Initially, Accenture denied the breach, later admitting only three people were affected before the full extent of the breach became apparent.

Risk to Business: 2.602 = Moderate

Fast-food giant Jollibee Foods Corp. is investigating an alleged data breach in its delivery service system. The company confirmed that its e-commerce platforms were unaffected and are still operational. A threat actor named “Sp1d3r” claims to have obtained the personal data of 32 million Jollibee customers, including names, addresses, phone numbers, email addresses, order histories, service details and sales records.