"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 09/13/23 – 09/19/23

Breach-3

This week: Caesars loses against ransomware, an unusual vector for a cyberattack at Airbus, and ransomware causes transportation trouble.

 

Caesars Entertainment

https://www.bleepingcomputer.com/news/security/caesars-entertainment-confirms-ransom-payment-customer-data-theft/

Exploit: Ransomware

Caesars Entertainment: Hotel & Casino Operator

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.676 = Severe

Casino titan Caesars Entertainment is the latest Las Vegas institution hit by a cyberattack, joining rival MGM Resorts International. One critical difference though: Caesar’s said that its gambling operations were not disrupted. The company told the federal Securities and Exchange Commission (SEC) that a data breach on September 7 may have exposed the driver’s license information and Social Security number of its loyalty rewards members. The company also pinned the problem on a social engineering attack on its outsourced IT support vendor. Reports vary on the name of the group responsible for the attack, but most agree that the attack was carried out by an affiliate of ALPHV/BlackCat, the same attacker that hit MGM last week. Caesars also reported that it paid the ransom. The attackers initially demanded $30 million but Caesars said it ultimately paid about half of that after negotiations. The incident remains under investigation.

How It Could Affect Your Business: Companies need to be prepared for a supply chain or third-party cyberattack or data breach.


 

ORBCOMM

https://www.bleepingcomputer.com/news/security/orbcomm-ransomware-attack-causes-trucking-fleet-management-outage/

Exploit: Ransomware

ORBCOMM: Trucking Software Solutions Provider

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.203 = Extreme

ORBCOMM, a major fleet management solutions provider to the trucking industry, has experienced a ransomware attack that created a service outage. The company said that since the September 6 ransomware attack, it has been unable to provide electronic services, including inventory management and Blue Tree ELD devices, used to ensure that truckers adhere to federal safety regulations about driving hours. Truckers were forced to switch to paper logs, which federal regulations only permit them to use for eight days per month. ORBCOMM said that they hope to restore services by September 29.  

How It Could Affect Your Business: Companies like this that are linchpins in the supply chains of certain industries are the kind of targets that cybercriminals favor for ransomware attacks.


 

The International Joint Commission (IJC)

https://therecord.media/us-canada-water-commission-investigating-cyberattack

Exploit: Hacking

The International Joint Commission (IJC): Treaty Organization

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 2.873 = Moderate

The venerable International Joint Commission (IJC), a group established by the 1909 Boundary Waters Treaty to regulate projects that impact border waterways and water quality between the U.S. and Canada, has experienced a data breach. The NoEscape ransomware group claims to have stolen 80 GB of proprietary data from IJC including contracts, geological files and conflict of interest forms. IJC confirmed that it is investigating a data security incident but offered no details. NoEscape did not publicize a ransom demand.  

How It Could Affect Your Business: Proprietary data can be just as valuable and sought-after as flashier types of data.


 

Canadian Nurses Association (CNA)

https://therecord.media/cna-confirms-data-incident

Exploit: Ransomware

Canadian Nurses Association (CNA): Professional Organization

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 2.710 = Moderate

The Canadian Nurses Association (CNA) has disclosed that it has experienced a data breach. CNA said that the incident occurred in April 2023. Two groups, Snatch and Nokoyawa, have claimed responsibility for the attack, but Snatch bolstered its claim by posting 37GB of stolen data to its dark web leak site last week. No specifics about the stolen data types were available at press time. The incident remains under investigation.

How It Could Affect Your Business: Professional organizations often hold a variety of data about their members, making them attractive ransomware targets.


 

United Kingdom – Greater Manchester Police (GMP)

https://www.theguardian.com/uk-news/2023/sep/14/greater-manchester-police-officers-data-hacked-in-cyber-attack

Exploit: Supply Chain Attack

Greater Manchester Police (GMP): Law Enforcement

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.673 = Severe

 A ransomware attack on a third-party supplier to UK police forces has resulted in the exposure of personal data for officers in the Greater Manchester Police (GMP) force. The unnamed Manchester-area supplier is the same company responsible for the data breach a few weeks ago affecting London’s Metropolitan Police. As in that incident, details of serving officers’ warrant cards, which include names, ranks, photos and serial numbers, were obtained by bad actors. More than 12,500 Greater Manchester police (GMP) officers and staff could be impacted by this breach.  

How it Could Affect Your Business: A successful cyberattack or data security incident impacting a government contractor can have major repercussions.


 

France – Airbus

https://therecord.media/airbus-data-leak-suppliers-breachedforums

Exploit: Hacking

Airbus: Aerospace Company

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.612 = Severe

Airbus is admitting that it has suffered a data breach after about 3200 of its suppliers appeared in a post on a dark web forum. Reports say that a threat actor using the moniker “USDoD” is behind the lea. The group’s post on BreachForums says that they obtained access to an Airbus web portal after compromising the account of a Turkish airline employee. The group claims to have snatched details on thousands of Airbus vendors, including names, addresses, phone numbers and emails. The group also claimed that it was able to carry out the attack because the victim “likely attempted to download a pirated version of the Microsoft .NET framework, as indicated in the malware path.” 

How it Could Affect Your Business: Specialized information like this can help bad actors conduct more effective spear phishing and business email compromise operations.


 

Australia – BG Group

https://www.reuters.com/business/energy/shell-says-australian-unit-hit-by-moveit-data-breach-2023-09-14/

Exploit: Supply Chain Attack

BG Group: Fuel Supplier

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.802 = Severe

BG Group, a company owned by Shell, is the latest company to admit that it suffered a data breach thanks to the MOVE-it transfer protocol exploit. Shell said that the stolen employee data was very old, dating from 2013, but that the personal details could still put people at risk of phishing attacks. The company began informing affected staff members in early July. More than 600 businesses have been impacted by the MOVEit exploit.

How it Could Affect Your Business: Zero-day vulnerabilities are popping up with greater frequency than ever.


 

New Zealand – Auckland Transport (AT)

https://www.bleepingcomputer.com/news/security/auckland-transport-authority-hit-by-suspected-ransomware-attack/

Exploit: Ransomware

Auckland Transport (AT): Transportation Authority

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.882 = Severe

 Auckland, New Zealand’s transportation authority has reported that some of its systems were taken offline following a ransomware attack. The government-owned regional transportation authority in the Auckland region is responsible for public transportation, roads and other infrastructure. AT said that it is experiencing issues with its integrated ticketing and fares system HOP, impacting the ways that customers can top up fare cards. AT has assured the public that they are rebuilding the damaged system as quickly as possible.  

How it Could Affect Your Business: Cybercriminals don’t spare government agencies, no matter how small or local.


 

The Week in Breach News: 09/20/23 – 09/26/23
The Week in Breach News: 09/06/23 – 09/12/23

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.