InTegriLogic Blog
The Week in Breach News: 07/24/24 – 07/30/24
This week: A concerning data breach at Leidos; hackers snarl operations at Croatia’s St. Jeronim Airport
Leidos
https://www.scmagazine.com/brief/us-defense-contractor-leidos-data-leaked
Exploit: Third-Party Breach
Leidos: IT Service Provider
Risk to Business: 2.356 = Extreme
Leidos Holdings, the IT services provider for the U.S. Department of Defense, the Department of Homeland Security, and NASA, has confirmed that internal data stolen in a third-party breach was exposed by threat actors, but emphasized that neither its network nor customer information was affected. The company said the exposure stems from a previous incident affecting a third-party vendor, for which all necessary notifications were made in 2023. The exposed information may have been exfiltrated from a compromised Diligent Corp. system that Leidos used to host internal investigation data, noted a source close to the matter. Meanwhile, Diligent disclosed that the incident, which affected fewer than 15 clients, is related to the breach of its subsidiary Steele Compliance Solutions two years ago.
How It Could Affect Your Business: This was a close shave for Leidos and a good illustration of why it is essential to consider cybersecurity risks from suppliers and service providers.
Michigan Medicine
https://www.securityweek.com/57000-patients-impacted-by-michigan-medicine-data-breach/
Exploit: Hacking
Michigan Medicine: Medical Center
Risk to Business: 1.356 = Severe
Michigan Medicine, part of the University of Michigan, is notifying around 57,000 individuals of a data breach that may have compromised their personal and health information. The breach occurred when threat actors accessed employee email accounts on May 23 and May 29. Compromised data includes names, addresses, birth dates, medical record numbers, diagnostic and treatment information, and health insurance details. While no financial information was affected, Social Security numbers of four patients were exposed. The compromised accounts were disabled promptly upon discovery.
How It Could Affect Your Business: A data breach is an expensive proposition for any organization, but it is especially expensive for organizations in the healthcare sector.
Gemini
https://thecyberexpress.com/crypto-exchange-gemini-data-breach/
Exploit: Third-Party Hacking
Gemini: Cryptocurrency Exchange
Risk to Business: 1.721 = Severe
Cryptocurrency exchange Gemini disclosed a data breach caused by a cyberattack on its ACH service provider. Between June 3 and June 7, 2024, an unauthorized actor accessed the vendor’s systems. Gemini notified affected individuals on June 26, 2024, and submitted details to California’s Attorney General’s Office. The breach may have compromised some customers’ banking information, including names, bank account numbers, and routing numbers. Gemini assured clients that no other sensitive information was affected.
How It Could Affect Your Business: Business relationships can bring unexpected cyber risks in their wake, so it pays to evaluate the cybersecurity of suppliers and service providers.
Peco Foods
https://www.jurist.org/news/2024/07/ransomware-attack-shuts-down-los-angeles-superior-court-systems/
Exploit: Hacking
Peco Foods: Poultry Products Provider
Risk to Business: 2.632 = Moderate
On July 24, 2024, Peco Foods, Inc. reported a data breach to the Maine Attorney General after discovering unauthorized access to its IT network. The breach involved sensitive consumer information, prompting Peco Foods to notify affected individuals. The company detected the cyberattack on December 4, 2023, which disrupted its computer system. Peco Foods quickly secured its systems and collaborated with cybersecurity experts to investigate. By May 23, 2024, they identified the compromised information and impacted consumers. Notification letters were sent out on July 24, 2024, detailing the incident. Although the general notice doesn’t specify the types of leaked data, personalized letters include this information for each individual.
How It Could Affect Your Business: It’s critical for companies to put themselves in the best possible position for a fast, smooth incident response.
Croatia – St. Jeronim Airport
https://www.barrons.com/news/cyberattack-hits-croatia-s-split-airport-dac3d776
Exploit: Ransomware
St. Jeronim Airport: Airport
Risk to Business: 1.112 = Extreme
A cyberattack at St. Jeronim Airport in Split, Croatia, snarled air traffic. The airport experienced technical difficulties around 7:30 pm, leading to flight cancellations and delays. Passengers were forced to spend the night at the airport as the system was rebooted. The IT system is still recovering, and staff are managing operations manually. The Akira cybercrime group claimed responsibility for the attack, demanding negotiations, which authorities refused.
How It Could Affect Your Business: Bad actors are always on the hunt for the slightest opening in a company’s armor that they can exploit to strike.
India – Taj Hotels
https://www.moneycontrol.com/news/technology/taj-hotels-suffers-data-breach-exposes-information-of-1-5-million-customers-11801161.html
Exploit: Hacking
Taj Hotels: Hospitality Chain
Risk to Business: 2.896 = Severe
India-based Taj Hotels experienced a data breach that potentially compromised the sensitive personal information of about 1.5 million guests, according to the Economic Times. Tata Group’s Indian Hotels Company (IHCL), which operates Taj Hotels, is investigating the incident. The hacker, known as “Dnacookies,” is demanding $5,000 for the dataset, which includes mobile numbers, addresses, membership IDs and other personal information. The company’s spokesperson stated there are no signs of ongoing security issues or disruptions to operations.
How It Could Affect Your Business: The hospitality sector keeps many types of data from guests, making hotels and resorts attractive targets for bad actors.
Taiwan – Liteon Technology Corporation
https://www.redhotcyber.com/en/post/the-ransomware-group-ransomexx-claims-attack-on-liteon/
Exploit: Ransomware
Liteon Technology Corporation: Electronics Manufacturer
Risk to Business: 1.661 = Severe
Liteon Technology Corporation, a Taiwan-based leader in electronic components, was attacked on July 26, 2024, by the Ransomexx group. Founded in 1975, Liteon specializes in optoelectronic devices, storage devices, and more, including LED lighting, semiconductors, and automotive electronics. Ransomexx infiltrated Liteon’s systems, encrypted 142GB of critical data, and threatened to release it unless a ransom is paid.
How It Could Affect Your Business: A successful cyberattack on a manufacturer can have a disastrous impact on the businesses it supplies too.
New Zealand – Squirrel
https://www.rnz.co.nz/news/business/523100/mortgage-broker-squirrel-s-security-incident-exposes-details-of-600-investors
Exploit: Hacking
Squirrel: Financial Services
Risk to Business: 1.866 = Severe
New Zealand-based mortgage broking and investment firm Squirrel experienced a data breach that exposed the passport or driver’s license details of 600 peer-to-peer investors. Squirrel informed clients that an unauthorized user accessed a third-party system used in their investor registration process. This breach allowed the extraction of personal information, specifically passport or driver’s license details, for customers who registered in the 30 days prior to July 21, 2024.
How It Could Affect Your Business: The financial services sector has been a top target for ransomware attacks by bad actors for the past few years.