"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 06/28/23 – 07/04/23

Breach-4

Breaches abound at government and quasi-government agencies and an unrest-related communications cyberattack in Russia.

 

Wealth Enhancement Group

https://www.jdsupra.com/legalnews/wealth-enhancement-group-notifies-6520334/

Exploit: Credential Compromise

Wealth Enhancement Group: Financial Services

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.886 = Severe

Minnesota-based financial services firm Wealth Enhancement Group has reported a data breach to regulators in Maine. The company said that it detected that an unauthorized individual had gained access to one of its servers through credential compromise in early April. Stolen data may include clients’ full names, Social Security numbers, addresses, dates of birth, phone numbers, email addresses, driver’s license numbers, state identification numbers and financial account numbers. Data breach letters were sent on June 28 to impacted clients. 

How It Could Affect Your Business: Protecting an organization’s credentials from compromise has never been more critical.


 

U.S. Department of Health and Human Services (HHS)

https://www.cnn.com/2023/06/29/politics/us-health-department-cyberattack/index.html

Exploit: Supply Chain

U.S. Department of Health and Human Services (HHS): Federal Agency

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.876 = Severe

The U.S. Department of Health and Human Services (HHS) has notified Congress of a data breach that may have exposed sensitive data for 100,000 people. HHS said that an unnamed contractor had been caught up in the flood of cyberattacks around the MOVEit exploit. HHS said that none of its own systems or data were accessed by cybercriminals and its network remains safe. Several other federal agencies have been hit by the MOVEit exploit either directly or through a supplier/contractor.

How It Could Affect Your Business Supply chain risk is high and climbing for every organization. Businesses should take action now to reduce it.


 

U.S. Patent and Trademark Office (USPTO)

https://www.cshub.com/attacks/news/iotw-us-patent-and-trademark-office-suffers-years-long-data-leak

Exploit: Misconfiguration

U.S. Patent and Trademark Office (USPTO): Federal Government Agency

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 1.469 = Severe

The U.S. Patent and Trademark Office (USPTO) has disclosed that it has experienced a years-long data leak that exposed the location data of thousands of trademark applicants. The leak is estimated to have been ongoing for the past three years; it was active from February 2020 to March 2023. The leak was caused by an error in one of USPTO’s application programming interfaces (APIs). A notice about the breach was sent to affected trademark applicants.

How It Could Affect Your Business: Security awareness training isn’t just for cyberattacks, it also helps employees become more conscientious about security overall to limit mistakes.


 

United Kingdom – Barts Health NHS Trust

https://www.telegraph.co.uk/news/2023/06/30/russia-may-have-hacked-nhs-trust-with-two-million-patients/

Exploit: Ransomware

Barts Health NHS Trust: Medical Facility Operator

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 2.149 = Severe

Barts Health NHS Trust has disclosed that it has been the victim of a ransomware attack by the notorious gang ALPHV/BlackCat that exposed the sensitive data of 2.5 million patients. BlackCat claimed to have snatched 7 terabytes of data including unspecified patient data, employees’ personal data and financial information including credit card details last Friday. The incident is under investigation.

How It Could Affect Your Business: Healthcare data of all kinds is a valuable commodity for bad actors, and ransomware attacks against healthcare providers are climbing.


 

United Kingdom – National Health Service

https://www.digitalhealth.net/2023/06/nhs-patient-data-compromised-in-university-cyber-attack-report/

Exploit: Third Party

National Health Service (NHS): National Government Agency

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 2.637 = Severe

The UK’s National Health Service has disclosed that it may have had sensitive health data pertaining to 1.1 million patients from 200 hospitals after a June 6 cyberattack on research partner The University of Manchester. Initial estimates show that about 250 gigabytes of data was accessed by bad actors in the attack, including data on the university’s backup servers. The data was initially collected for research purposes and some people who had data stolen may not even know that the university had it. The investigation remains ongoing.

How it Could Affect Your Business: Supply chain relationships aren’t the only relationships that endanger a company’s data; an attack on a partner can be equally devastating.


 

Ireland – Dublin Airport Authority (DAA)

https://simpleflying.com/dublin-airport-staff-information-compromised-july-2023/

Exploit: Supply Chain

Dublin Airport Authority: Transportation Authority

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 2.766 = Moderate

The Dublin Airport Authority (DAA) has disclosed that sensitive information belonging to approximately 2,000 airport workers was exposed in a cyberattack on pay and benefits service provider Aon. The airport authority did not offer specifics on the type of data stolen beyond saying that some employees’ pay and benefit information was exposed. Aon is another casualty of the MOVEit hack.

How it Could Affect Your Business: Attacks using the MOVEit exploit have proliferated in every sector and the number of impacted organizations continues to grow daily.


 

Russia – Dozor-Teleport CJSC

https://cyberscoop.com/russia-satellite-hack-wagner/

Exploit: Hacking (Nation-State)

Dozor-Teleport CJSC: Telecommunications Company

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.307 = Extreme

Russian telecom Dozor-Teleport CJSC has claimed that it is the victim of a cyberattack by supporters of the non-state-aligned PMC Wagner paramilitary group that is currently active in Russia. Dozor-Teleport CJSC is a communications satellite operator that provides internet and other communication services for Russian state agencies including Moscow’s main intelligence agency. Hackers stole nearly 700 files, defaced several websites and launched Wagner-related messages and a video on the company’s site. The damage is expected to take weeks to fix.  

How it Could Affect Your Business: Cyberattacks, especially ransomware and wiper malware, as well as hacking have become a part of modern warfare


 

Taiwan – Taiwan Semiconductor Manufacturing Company (TSMC)

https://www.cnn.com/2023/06/30/tech/tsmc-supplier-ransomware/index.html

Exploit: Supply Chain

Taiwan Semiconductor Manufacturing Company (TSMC): Semiconductor Manufacturer

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.443 = Extreme

Taiwan Semiconductor Manufacturing Company (TSMC), the world’s leading contract chipmaker and one of Apple’s main suppliers, has confirmed that it has experienced a data breach due to a cyberattack on one of its suppliers. TSMC was listed on LockBit’s website as a victim, but TSMC claims that the data was stolen from supplier Kinmax, a system integrator. National Hazard Agency, a subgroup of LockBit, shared screenshots of directory listings of stolen TSMC files on its leak website as well as a demand for a stunning $70 million ransom.  

How it Could Affect Your Business: With the world already facing a chip shortage, anything that impacts the operations of a chipmaker is problematic.


 

The Week in Breach News: 07/05/23 – 07/11/23
The Week in Breach News: 06/21/23 – 06/27/23

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.