InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
The Week in Breach News: 07/14/21 – 07/20/21
Campbell Conroy & O’Neil, P.C. (Campbell)
https://www.bleepingcomputer.com/news/security/ransomware-hits-law-firm-counseling-fortune-500-global-500-companies/Exploit: Ransomware
Campbell Conroy & O’Neil, P.C. (Campbell): Law Firm
Risk to Business: 1.201= Extreme
Campbell Conroy & O’Neil, P.C. (Campbell), a law firm that counts dozens of Fortune 500 and Global 500 companies among its clientele, has disclosed a data breach following a February 2021 ransomware attack. The firm’s client list includes high-profile companies from various industry sectors, including automotive, aviation, energy, insurance, pharmaceutical, retail, hospitality, and transportation. At the time, it was unclear if client data had been stolen, but the investigation has since determined that client data was stolen.
Individual Risk: 1.963= Severe
The crooks made off with data about clients including names, dates of birth, driver’s license numbers, state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data. Usernames and passwords were also snatched. and/or online account credentials (i.e. usernames and passwords).” The firm24 months of free access to credit monitoring, fraud consultation, and identity theft restoration services to all individuals whose Social Security numbers or equivalent information was exposed during the attack
How It Could Affect Your Business: This data abiut major companies and powerful business executives is cybercriminal gold and quickly saleable in the busy dark web data markets.
Forefront Dermatology S.C.
https://www.databreachtoday.com/dermatology-clinic-chain-breach-affects-24-million-a-17074Exploit: Ransomware
Forefront Dermatology S.C.: Medical Network
Risk to Business: 2.216 = Severe
Forefront Dermatology S.C, a Wisconsin-based dermatology practice with affiliated offices in 21 states plus Washington, D.C., is notifying 2.4 million patients, employees and clinicians of a ransomware incident it recently experienced. Cuba ransomware is believed to be the culprit. The incident is the third-largest healthcare breach of 2021 so far. Xperts who spotted the data dump on a darknet site said that it was approximately 47 MB, including more than 130 files with information on the entity’s system and network, with security and backup details, and all their logins for vendor sites.
Risk to Individual: 2.462 = Severe
The company has announced that potentially compromised patient, clinician and employee information includes name, address, date of birth, patient account number, health insurance plan member ID number, medical record number, dates of service, provider names, and/or medical and clinical treatment information.
How it Could Affect Your Business: Medical data is some of the hottest product to sell in dark web markets, earning cybercriminals a substantial profit and this company a substatial HIPAA fine.
Guess
https://www.zdnet.com/article/guess-announces-breach-of-employee-ssns-and-financial-data-after-darkside-attack/Exploit: Ransomware
Guess: Fashion Brand
Risk to Business: 2.223=Severe
Fashion brand Guess, known for their salacious 90’s advertising campaigns, was hit with a ransomware attack from an unexpected source: Darkside. Sources are mixed as to whether this is a new operation or an old one just coming to light. Guess would not confirm that the incident occurred, but dark web researchers uncovered 200 GB of data from the fashion brand on a leak site. No consumer financial information was reported as stolen.
Customers Impacted: Unknown
How it Could Affect Your Business: Proproetary data about businesses and their products is a hot seller on the dark web, especially if blueprints, formulas or similar information is included.
Mint Mobile
https://www.bleepingcomputer.com/news/security/mint-mobile-hit-by-a-data-breach-after-numbers-ported-data-accessed/Exploit: Hacking
Mint Mobile: Mobile Network Carrier
Risk to Business: 1.575 = Severe
California-based Mint Mobile has disclosed a data breach. The company says that an unauthorized person gained access to their data including subscribers’ account information. The miscreants also ported phone numbers to another carrier.
Individual Risk: 1.502 = Severe
Exposed client data may include name, address, telephone number, email address, password, bill amount, international call detail information, telephone number, account number and subscription features.
How it Could Affect Your Business: Hackers are always in the market for fresh data, and this kind of prorietary information is a goldmine for them.
United Kingdom – Northern Railway
Exploit: RansomwareNorthern Trains: Government-Run Transportation Authority
Risk to Business: 1.302 = Extreme
Railway passengers in Northern England got an unpleasant surprise when they discovered that ticket machines on Northern Trains’ network were knocked offline following a ransomware attack. Run by the British government, Northern Trains said no customer or payment data had been compromised, and that customers could still buy tickets online.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks againts utilities and quasi-utility infrastructure have been steadily increasing, and businesses in those sectors need to step up their protection to stay safe.
Ecuador – Corporación Nacional de Telecomunicación (CNT)
https://www.bleepingcomputer.com/news/security/ecuadors-state-run-cnt-telco-hit-by-ransomexx-ransomware/Exploit: Hacking
Corporación Nacional de Telecomunicación (CNT): State Run Telecommunications Utility
Risk to Business: 1.919 = Severe
Ecuador’s state-run Corporación Nacional de Telecomunicación (CNT) has suffered a ransomware attack that has disrupted business operations, the payment portal and customer support. This company provides telecommunications services including fixed-line phone service, mobile, satellite TV, and internet connectivity. The attack has shut online payment systems down. RansomEXX is suspected to be the culprit. An investigation and systems restoration is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Business: Customer satisfaction is bound to be severely impacted by the loss of online payment systems.
About the author
