The Week in Breach News: 07/03/24 – 07/09/24

Risk to Business: 1.801 = Severe

Roll20, a popular tabletop gaming platform, disclosed a data breach on June 29, 2024. A hacker accessed their administrative website account, exposing the personal information of all users. The attacker modified one account, which Roll20 quickly corrected. Exposed information may include users’ names, email addresses, last-known IP addresses and the last four digits of credit cards. Roll20 assured users that passwords, full payment information, home addresses and complete credit card numbers were not accessed.

Risk to Business: 2.856 = Moderate

Gaming giant Roblox recently announced a data breach affecting attendees of the 2022, 2023, and 2024 Roblox Developer Conference (RDC). That event is promoted as a conference that helps developers network, learn and share knowledge with others through workshops and new tool presentations. The breach occurred through FNTech, the vendor managing conference registrations. The compromised data includes full names, email addresses, and IP addresses of attendees, with 10,386 unique email addresses affected. 

Risk to Business: 1.721 = Severe

HealthEquity, a provider of health savings account (HSA) services, reported a data breach involving unauthorized access to personal and protected health information of certain members. Hackers used a partner’s compromised account and device to infiltrate HealthEquity’s systems and exfiltrate sensitive health data. HealthEquity promised to offer complimentary credit monitoring and identity restoration services to mitigate the risk for exposed people.  

Risk to Business: 2.803 = Moderate

Hackers attacked the Alabama State Department of Education on June 17, potentially stealing names, addresses and Social Security numbers. District officials said that IT personnel were able to restore systems from backups smoothly. Officials advised educators to monitor their credit but clarified that financial information, like credit card and bank routing numbers, was not breached. Both student and employee data may have been compromised.

Risk to Business: 1.312 = Extreme

Customers of Dublin-based Patelco Credit Union are seeking answers following a cyberattack last week. The attack has disrupted electronic payments, deposits and transfers, affecting thousands of California residents. Members have been unable to access their statement balances, online payments, direct deposits or other daily functions. Customers can still process some transactions in person. Social Security payments have bounced, and customers have incurred late fees for missed payments. Recently, customers were informed that they can now use Venmo and PayPal for payments and that borrowers will not be penalized or incur fees due to the system attack. There is no word on when full functionality will be restored.

Risk to Business: 2.896 = Moderate

The Fédération Internationale de l’Automobile (FIA), the governing body for Formula 1 auto racing, reported a phishing attack that compromised several email accounts, leading to unauthorized access to personal data. The breach involved two FIA email accounts. The FIA has informed both the Swiss and French data protection regulators about the incident. Details such as the breach’s detection time, the number of affected individuals and the specific data exposed have not yet been disclosed.

Risk to Business: 1.866 = Severe

South Africa’s National Health Laboratory Service (NHLS) is recovering from a June 22, 2024, ransomware attack that disrupted systems and deleted backups. The breach caused delays in lab testing across public health facilities and made test results inaccessible via the online portal. Although all laboratories are now functional and processing clinical samples, restoring breached data will take weeks. The NHLS assured the public that no patient data was compromised, but the delays have impacted emergency patients and intensive care units nationwide. There is no clear timeline for full system restoration. 

Risk to Business: 1.612 = Severe

The DragonForce ransomware group has taken responsibility for a ransomware attack on the retailer Elite Fitness. The group claims to have stolen 5.31 gigabytes of data. Unusual activity from an unauthorized third party was detected on one of Elite Fitness’s systems on the night of June 26, 2024. While the company has not disclosed the specific types of data compromised, they have confirmed that both customers and staff are affected.