InTegriLogic Blog
The Week in Breach News: 07/12/23 – 07/18/23
This week: A record-breaking U.S. healthcare data breach, MOVEit ensnares more companies...
Hospital Corporation of America (HCA)
https://www.forbes.com/sites/davidchou/2023/07/12/a-record-breaking-cyberattack-impacting-11-million-patients/?sh=3c7ee8cf164a
Exploit: Hacking
Hospital Corporation of America (HCA): Healthcare Facility Operator
Risk to Business: 1.423 = Extreme
Tennessee-based for-profit hospital operator Hospital Corporation of America has experienced a record-breaking data breach that began on or around July 5. An estimated 11 million patients had data exposed in this incident. HCA was quick to assure customers that they do not believe that any clinical data like information about a patient’s treatment, diagnosis and condition or patient financial data like payment information, credit card or account number was stolen. The company also said that the breach does not include other sensitive data like passwords, driver’s licenses or social security numbers. The data exposed includes a patient’s name, city, state, zip code, email, telephone number, date of birth, gender, service date, location and next appointment date. HCA says that the breach came from an external storage location used to automate emails like appointment reminders.
How It Could Affect Your Business: This data breach has set a new record, but its not a record any company wants to hold.
Choice Hotels
https://cybernews.com/security/choice-hotels-radisson-guest-info-breached-in-moveit-attacks/
Exploit: Hacking
Choice Hotels: Hotelier
Risk to Business: 1.876 = Severe
Choice Hotels has announced that it has become caught up in the MOVEit exploit trouble. The company said that some customer records, primarily from its Radisson Hotel chain but possibly from other properties as well, may have been accessed by bad actors. The Cl0p ransomware group, which has been responsible for the MOVEit attacks, added Choice Hotels to its dark web leak site, noting that the company had not been receptive to communication about paying a ransom. Choice Hotels said that it is still investigating the incident and has not yet released a list of the compromised data types.
How It Could Affect Your Business Zero-day exploits like MOVEit can happen at any time, so it’s essential for companies to have a plan for the situation.
Hillsborough County, FL
https://www.fox13news.com/news/global-data-breach-could-impact-70000-residents-vendor-employees-with-hillsborough-county
Exploit: Supply Chain Attack
Advanced Medical Management: Healthcare Management Services
Risk to Business: 1.669 = Severe
The government of Hillsborough County is informing more than 70,000 residents that their personal data may have been exposed in a data breach after falling victim to a cyberattack involving the MOVEit file transfer exploit. The count’s cybersecurity team first learned about the issue on June 18. After an investigation, the county determined that files from the Healthcare Services and Aging Services departments were involved. The stolen files included protected health and personal information, including first and last names, social security numbers, dates of birth, home addresses, medical conditions and diagnoses and disability codes. The breach could have also impacted Aging Services vendor employees. Victims have been notified by mail.
How It Could Affect Your Business: This will be a very expensive mess for Hillsborough County because it involves protected health information (PHI).
Lansing Community College
https://cybernews.com/news/lansing-community-college-cyberattack/
Exploit: Hacking
Lansing Community College: Institution of Higher Learning
Risk to Business: 2.149 = Severe
Lansing Community College in Michigan is informing students that some of their personal data may have been stolen in a data breach. The college said that bad actors gained access to its systems from December 25, 2022, through March 15, 2023. That enabled them to steal the names and social security numbers of 758,000 people. The college also said that unspecified vendor and employee data had been exposed in the incident.
How It Could Affect Your Business: Obtaining names and social security numbers enables bad actors to facilitate identity theft.
ZooTampa
https://therecord.media/tampa-zoo-targeted-in-cyberattack
Exploit: Ransomware
ZooTampa: Zoo
Risk to Business: 2.637 = Moderate
U.S. top 10 zoo ZooTampa has disclosed that it was recently the victim of a cyberattack. Black Suit, a suspected offshoot of the Royal ransomware gang, has claimed responsibility. The non-profit zoo said that vendor and employee information is involved in the incident but did not specify the specific data types. ZooTampa said that it does not retain personal or financial information about visitors or members. The zoo has engaged third-party forensic specialists to secure its network environment and investigate the extent of the unauthorized activity.
How it Could Affect Your Business: Cybercriminals will hit any organization in any sector, and that means every organization must be ready for trouble.
Germany – Deutsche Bank
https://news.stv.tv/west-central/university-of-west-of-scotland-working-with-police-and-government-after-cyber-attack
Exploit: Supply Chain Attack
Deutsche Bank: Bank
Risk to Business: 1.766 = Severe
Deutsche Bank has disclosed that it recently became aware of a security incident at one of its external service providers that operates the bank’s account switching service in Germany. That unnamed service provider has fallen victim to the MOVEit exploit. Deutsche Bank clarified that the bank’s internal systems were unaffected by the incident. The incident may have impacted a limited amount of unspecified personal data belonging to customers in Germany who used the bank’s account switching service in 2016, 2017, 2018 and 2020. The stolen data cannot be used to gain access to accounts, but bad actors could use it to try to initiate unauthorized direct debits. Other banks in Germany may have been similarly impacted. The MOVEit exploit has resulted in cyberattacks on an estimated 250 businesses.
How it Could Affect Your Business: Financial institutions of every kind have been at the top of cybercriminals’ hit lists for the last few years.
New Zealand – Mahony Horner Lawyers
https://www.nzherald.co.nz/nz/wellington-law-firm-warns-clients-of-potential-for-leak-after-cyber-attack/OBHJ2NN5OVF2DAAE3FARDSTPZU/
Exploit: Hacking
Mahony Horner Lawyers: Law Firm
Risk to Business: 1.707 = Severe
Wellington-based law firm Mahony Horner Lawyers is informing clients that their personal data may have been stolen in a recent cyberattack. In a letter explaining the incident to its clients, the firm said that it is taking time for them to determine exactly what data was snatched, but they do know so far that copies of clients’ driver’s licenses or passports that were collected in the last three years were exposed. Mahony Horner said that it has engaged a third-party firm to help investigate the incident.
How it Could Affect Your Business: Law firms can be treasure troves for bad actors because of the wide variety and sensitivity of the information they hold.
Singapore – Razer
https://www.channelnewsasia.com/singapore/razer-gaming-potential-hack-customer-data-monero-crypto-3618556
Exploit: Hacking
Razer: Gaming Hardware Company
Risk to Business: 1.443 = Extreme
Razer, a well-known provider of hardware like mice for electronic gaming, is embroiled in a data breach investigation after hackers claim to have obtained critical information about its virtual gaming credits marketplace Razer Gold. Hackers have claimed to have stolen information that impacts Razer Gold like source code, databases and encryption keys as well as backend access logins for Razer.com, the company’s main website. Razer said that it has taken steps to secure its platforms after it was alerted to the threat on Sunday. The hacker, going by the moniker “Nationalist,” is asking for $100,000 in Monero. The incident remains under investigation.
How it Could Affect Your Business: New hackers often try to make a name for themselves by attacking big, well-known companies to make a splash.