InTegriLogic Blog
The Week in Breach News: 08/16/23 – 08/22/23
This week: Malicious insiders speed off with data at Tesla, The Clorox Company faces a big cleanup after a ransomware mess.
Tesla
https://www.bloomberg.com/news/articles/2023-08-20/tesla-data-breach-blamed-on-insider-wrongdoing-impacted-75-000?in_source=embedded-checkout-banner
Exploit: Malicious Insider
Tesla: Car Company
Risk to Business: 1.276 = Extreme
Tesla has admitted that it had a data breach in May 2023 that was caused by malicious insiders. Allegedly, two or more Tesla employees stole data including customer data from Tesla and leaked it. The German news outlet Handelsblatt obtained the data and published an analysis of it, which is how Tesla found out about the data breach. The treasure trove contained 100 gigabytes of confidential data, which included employees’ names and contact information such as addresses, cell phone numbers, and email addresses. The leaked data also included around 2,400 customer complaints about Tesla cars suddenly accelerating and a further 1,500 complaints of braking issues, including 383 cases of “phantom braking”.
How It Could Affect Your Business: No matter how loyal a company’s staff may seem, no company should ever discount the possibility of malicious insider activity.
The Clorox Company
https://cybernews.com/news/clorox-company-hack-shutdown/
Exploit: Ransomware
The Clorox Company: Consumer Product Manufacturer
Risk to Business: 1.405 = Extreme
The Clorox Company, best known for producing liquid bleach and cleaning products, is facing a cleanup of its own after it was forced to take some systems offline to clean up after being hit with a probable ransomware attack. The company said that the attack has impacted and will continue to impact its operations but did not specify which products may be impacted. The company did not say if any data was accessed or stolen by the bad actors. Clorox said that it has informed law enforcement of the incident and it is working with third-party cybersecurity experts to investigate the attack and restore its operations.
How It Could Affect Your Business: A ransomware attack can be especially devastating for a manufacturer by shutting down production lines and disrupting other OT.
Prince George’s County Public Schools (PGPS)
https://www.fox5dc.com/news/pgcps-network-hit-by-cyberattack-4500-accounts-affected
Exploit: Hacking
Prince George’s County Public Schools (PGPS): Education Authority
Risk to Business: 1.673 = Severe
Right at the start of the school year, Prince George’s County Public Schools in Maryland announced that it was the victim of a cyberattack. The attack caused a broad internet outage throughout the system and impacted 4,500 of 180,000 accounts. PGPS said that it believes that the majority of the impacted accounts belonged to staffers, emphasizing that no impact has been observed in its primary business and student information systems. An investigation is ongoing.
How It Could Affect Your Business: Schools have been under siege by bad actors hoping to score a quick ransomware payment.
Geico
https://www.wkbw.com/news/local-news/geico-aware-of-security-issues-employees-believe-they-were-hacked
Exploit: Supply Chain Attack
Geico: Insurer
Risk to Business: 2.610 = Moderate
Insurance giant Geico is the most recent company to become entangled in the MOVEit exploit saga. The company confirmed to reporters that it has experienced a data breach that has led to the exposure of employee personal data due to a service provider’s use of MOVEit. Geico sent employees a letter advising them that their data had been exposed but did not specify exactly what data may have been impacted.
How It Could Affect Your Business: Supply chain attacks are escalating, and just one attack on a supplier can be a big problem that brings big bills for any organization.
M&T Bank
https://www.jdsupra.com/legalnews/m-t-bank-files-notice-of-data-breach-3084032/
Exploit: Supply Chain Attack
M&T Bank: Bank
Risk to Business: 1.673 = Severe
On August 14, 2023, M&T Bank filed a notice of data breach with the Attorney General of Massachusetts. In this notice, M&T explains that the breach is the result of a data security incident at a service provider related to the MOVEit exploit that resulted in an unauthorized party being able to access consumers’ sensitive information, including names and account data. M&T Bank is offering free credit monitoring services to anyone affected by the breach. The incident is in the early stages of investigation.
How it Could Affect Your Business: Governments of every size and government agencies have been high on cybercriminal hit lists.
United Kingdom – Swan Retail
https://techmonitor.ai/technology/cybersecurity/swan-retail-cyberattack
Exploit: Hacking
Swan Retail: Business Services Provider
Risk to Business: 1.682 = Severe
UK retail business services provider Swan Retail has been knocked offline, causing a major disruption for more than 300 independent retailers. The August 13, 2023, attack impacted Swan Retail’s inventory management, order fulfillment and accounting systems. The company works with around 300 independent retailers around the UK in a variety of verticals including fashion, home goods, sports, catering and garden centers. Swan Retail said it is working to restore systems quickly.
How it Could Affect Your Business: This is a good example of what happens when an important service provider gets shut down by ransomware.
Australia – Energy One
https://www.csoonline.com/article/649923/cyberattack-on-energy-one-affects-corporate-systems-in-australia-and-the-uk.html
Exploit: Hacking
Energy One: Business Software Provider
Risk to Business: 1.413 = Moderate
Wholesale energy software provider Energy One has revealed that a cyberattack on August 18, 2023, resulted in some corporate systems in Australia and the United Kingdom being taken offline. Energy One specified that it has disabled some links between its corporate and customer-facing systems as a safety measure. It is also working to determine what if any data was accessed by the attackers. The company said it has engaged cyber security specialists, CyberCX, and alerted the Australian Cyber Security Centre and certain UK authorities about the incident, which remains under investigation.
How it Could Affect Your Business: It is important that companies ensure that they have a plan in place for all types of incidents.
Australia – The au Domain Administration
https://itwire.com/business-it-news/security/auda-now-admits-attack,-says-ransomware-group-provided-proof.html
Exploit: Ransomware
The au Domain Administration: Domain Authority
Risk to Business: 1.302 = Extreme
The au Domain Administration has finally admitted that it has been the victim of a cyberattack by the ransomware group NoEscape. AuDA had initially maintained that it had not fallen victim to a cyberattack but changed its tune after the ransomware group posted a sample of AuDA’s data on its leak site. NoEscape says that it has pilfered more than 15GB of data, providing screenshots of some AuDA customer documents as proof of the hack. AuDA said that it is working with the Australian Cyber Security Centre, the Department of Home Affairs and the Office of the Australian Information Commissioner as well as outside cybersecurity experts in its ongoing investigation.
How it Could Affect Your Business: Ransomware can hit any organization in any sector, and every business needs to be ready.