"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 08/09/23 – 08/15/23

Breach-4

This week: MOVEit continues to snowball, a cyberattack causes a huge MLS outage, and ransomware hits a copper mine.

 

The Colorado Department of Health Care Policy & Financing (HCPF)

https://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/

Exploit: Supply Chain Attack

The Colorado Department of Health Care Policy & Financing (HCPF): Government Agency

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.876 = Severe

The Colorado Department of Health Care Policy & Financing (HCPF), a state government agency that manages the Health First Colorado (Medicaid) and Child Health Plan Plus programs, is alerting more than four million individuals of a data breach that impacted their personal and health information. HCPF said that the data exposure occurred through their contractor IBM thanks to the MOVEit vulnerability. Bad actors likely exfiltrated files that contained certain Health First Colorado and CHP+ members’ information, including, full names, Social Security numbers, Medicaid ID numbers, Medicare ID numbers, dates of birth, home address, contact information, income information, demographic data clinical data (diagnosis, lab results, treatment, medication) and health insurance information.  

How It Could Affect Your Business: Companies face unexpected danger every day from zero-day exploits and need to be prepared for trouble.


 

Freeport-McMoRan Inc.

https://www.mining-technology.com/news/freeport-mcmoran-cybersecurity-incident/

Exploit: Supply Chain Attack

Freeport-McMoRan Inc: Copper Mine Operator

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 2.721 = Moderate

Freeport-McMoRan Inc., the world’s top publicly traded copper miner, has experienced a ransomware attack that has taken down the company’s information systems. The attack hit last Tuesday, causing the initial shutdown of IT systems. The Phoenix-based company is not expecting a significant impact on production unless the outage is sustained. The mining firm said it is investigating the incident with third-party experts and law enforcement. 

How It Could Affect Your Business Supply chain cyberattacks are escalating, and the risk they bring to businesses needs to be top-of-mind for IT professionals.


 

Rapattoni

https://arstechnica.com/security/2023/08/5-days-on-cyberattack-on-data-provider-stymies-realty-markets-throughout-the-us/

Exploit: Hacking

Rapattoni: Real Estate Technology Provider

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.673 = Severe

Home buyers and real estate professionals have experienced frustrations in the past week after a cyberattack nailed Rapattoni, a software and services provider that is best known for providing access to the nationwide Multiple Listing Services (MLS) to regional real estate groups. The California-based company said in a statement that its production network was hit by a cyberattack and it is working to get systems restored as soon as possible. MLS systems have been down since last Wednesday for many real estate agencies. The incident is under investigation

How It Could Affect Your Business: A successful cyberattack on a service provider can have a big impact on many other businesses.


 

The Indiana Family and Social Services Administration 

https://www.journalgazette.net/local/data-breach-compromises-some-medicaid-users-information/article_8bc03ede-37e2-11ee-976d-1387af99b21b.html

Exploit: Supply Chain Attack

The Indiana Family and Social Services Administration: Government Agency

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.649 = Severe

The Indiana Family and Social Services Administration has announced that it has experienced a data breach, exposing data belonging to more than 700,000 Indiana Medicaid members. The breach came as a result of the MOVEit-related attack at government services company Maximus. The names, addresses, case numbers and Medicaid numbers of 744,000 people were snatched by bad actors in the incident.  

How It Could Affect Your Business: Supply chain attacks are escalating, and just one attack on a supplier can be a big problem that brings big bills for any organization.


 

Alberta Dental Service Corporation

https://www.mountainviewtoday.ca/alberta-news/cyberattack-on-government-service-provider-exposes-records-of-14-million-albertans-7396965

Exploit: Hacking

Alberta Dental Service Corporation: Government Services Provider

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.737 = Severe

More than 1.4 million people in Alberta had their data exposed as the result of a cyberattack on government health service provider Alberta Dental Services Corporation. The dental services corporation administers low-income health benefit programs such as Assured Income for the Severely Handicapped and the Dental Assistance for Seniors Program. The company admitted that a bad actor gained access to part of its information technology infrastructure. The hackers were able to obtain the personal information of people enrolled in provincial government health benefit programs including patient names, addresses and banking information. Corporate information of some healthcare providers appears to be affected. An investigation is ongoing.

How it Could Affect Your Business: Governments of every size and government agencies have been high on cybercriminal hit lists.


 

United Kingdom – The Electoral Commission

https://www.cbc.ca/news/canada/british-columbia/cyberattack-bc-health-employer-websites-personal-information-1.6924496

Exploit: Hacking

The Electoral Commission: Government Agency 

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.682 = Severe

The UK’s Electoral Commission has disclosed a data breach after the names and addresses of 40 million registered voters were left exposed and accessible as far back as 2021. The attack was discovered last October and reported to the Information Commissioner’s Office (ICO), as well as the National Crime Agency, but the public wasn’t informed. Bad actors gained access to the names and addresses of all voters registered between 2014 and 2022. The attackers were also able to access full copies of the electoral registers that were held by the commission for research purposes and to enable permissibility checks on political donations.  

How it Could Affect Your Business: Voting and election data is highly sensitive, and organizations that handle it must implement strong security.


 

United Kingdom – Cumbria Police

https://www.theguardian.com/uk-news/2023/aug/11/cumbria-police-admits-huge-breach-of-data-of-officers-and-staff

Exploit: Human Error

Cumbria Police: Law Enforcement Agency

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 1.413 = Moderate

Cumbria Police have admitted that they’ve experienced a data breach caused by human error. Police officials said that they became aware of a data breach on March 6, 2023. In this incident, information about the pay and allowances of every police officer and data about police staff roles was mistakenly uploaded to the department’s website and left unsecured. The leak affected 1,304 police officers, 756 staff members and 52 police community support officers. 

How it Could Affect Your Business: Security awareness training is the best way to prevent incidents like this caused by human error.


 

Northern Ireland – Police Service of Northern Ireland (PSNI)

https://securityaffairs.com/149359/data-breach/psni-data-leak.html

Exploit: Human Error

Police Service of Northern Ireland (PSNI): Law Enforcement Agency

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.302 = Extreme

The Police Service of Northern Ireland (PSNI) has admitted that it accidentally shared sensitive data about all 10,000 serving police officers. The data was mistakenly provided in response to a Freedom of Information (FOI) request. The exposed data includes the surname, the first initial, the rank or grade, the location and the department of all 10,000 serving police officers. The data was leaked in a spreadsheet that was published online this week. It remained accessible for more than two hours before being taken down. 

How it Could Affect Your Business: The exposure of this data about police officers could be dangerous in such a volatile environment.


 

The Week in Breach News: 08/16/23 – 08/22/23
The Week in Breach News: 08/02/23 – 08/08/23

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.