"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 09/15/21 – 09/22/21

Austin Cancer Centers

https://www.beckershospitalreview.com/cybersecurity/cyberattack-leads-to-it-outage-at-texas-cancer-clinics-exposing-36-000.html

Exploit: Ransomware

Austin Cancer Centers: Specialty Medical Clinic System


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.623 = Severe
 
Austin (Texas) Cancer Centers are notifying 36,503 patients of a data breach that forced it to shut down its IT networks. The cancer treatment network, which has eight locations, discovered that hackers had deployed ransomware onto its systems. Cybersecurity experts determined that hackers had made the intrusion and remained invisible since late July 2021.



cybersecurity news represented by agauge showing severe risk


Individual Risk: 1.702 = Severe
 
Exposed information may include Social Security numbers, names, addresses, birthdates, credit card numbers and health-related information. For patients affected, Austin Cancer Centers offers online credit monitoring services and fraud insurance with coverage up to $1,000,000.

Customers Impacted: 36,503

How It Could Affect Your Business: Data from medical centers is always a valuable commodity for cybercriminals because it can provide PII, financial information and other profitable tidbits.

 

 

TTEC

https://krebsonsecurity.com/2021/09/customer-care-giant-ttec-hit-by-ransomware/
Exploit: Ransomware

TTEC: Customer Support Provider


cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.636 = Moderate
TTEC, a growing customer support provider, has been hit with a suspected Ragnar Locker ransomware attack. The company handles customer support calls on behalf of an array of major companies including Bank of America, Best Buy, Credit Karma, Dish Network, Kaiser Permanente, USAA and Verizon. Around September 12, company data was encrypted and business activities at several facilities were temporarily disrupted. The incident is under investigation.

Customers Impacted: Unknown

How It Could Affect Your Business: Ransomware is always a disaster. Ragnar Locker operators recently threatened additional repercussions to companies that contact law enforcement officials after a successful attack.

 

 

Walgreen’s

https://www.vox.com/recode/22623871/walgreens-covid-test-site-data-vulnerability
Exploit: Misconfiguration

Walgreen’s: Drugstore Chain


cybersecurity news gauge indicating extreme risk


Risk to Business: 1.336=Extreme
Vox reports that the personal data of patients that had a COVID-19 test at Walgreens was stored incorrectly and exposed to anyone who cared to view it. The data exposure potentially affects millions of people who used Walgreens’ COVID-19 testing services over the course of the pandemic. The exposure came to light after a security expert checked for test results for a family member and noticed the issue. discovered the issues in March after a family member got a COVID-19 test. The vulnerability has been around since at least March 2021 when the expert discovered it, but likely longer



cybersecurity news gauge indicating extreme risk


Individual Risk: 1.217=Extreme
Patient personal data exposed include each patient’s name, date of birth, gender identity, phone number, address and email. In some cases, test results are also available.

Customers Impacted: Unknown

How It Could Affect Your Business: When a company fails to keep highly sensitive data like this safe, it’s going to give customers and partners pause. It’s also going to cost them a fortune in penalties once regulators get finished with them.

 

 

Epik

https://arstechnica.com/information-technology/2021/09/anonymous-leaks-gigabytes-of-data-from-epik-web-host-of-gab-and-parler/
Exploit: Hacking

Epik: Webhosting


cybersecurity news gauge indicating extreme risk


Risk to Business: 1.227 = Extreme
Legendary hacktivist group Anonymous has struck again, this time claiming to have snatched gigabytes of data from Epik, a domain name, hosting, and DNS service provider for a variety of right-wing sites including Texas GOP, Gab, Parler and 8chan including extremist groups. The hacktivist collective announced in a press release that the data set, which is over 180GB in size, contains a “decade’s worth of data from the company.” It has been released as a torrent. Members of the whistleblower site, Distributed Denial of Secrets (DDoSecrets), have also made the data set available via alternate means. The Ars Technica story on the incident, linked above, is absolutely worth reading and includes the press release as well as other actions by Anonymous in the same vein. The group perpetrated this hack as part of its Operation Jane campaign.



cybersecurity news gauge indicating extreme risk


Individual Risk: 1.305 = Extreme
It is unclear to what extent this hack exposed personal information for owners of sites hosted by Epik or other personal or financial data. However, reports from experts who have viewed the data say that it is highly likely that Epik customers and users should expect that their data has been stolen.

Customers Impacted: Unknown

How It Could Affect Your Business: Experts who have seen the stolen data contend that Epik was negligent in its storage of PII and passwords, making the hack easier for Anonymous.

 

 

Microsoft

https://www.bleepingcomputer.com/news/security/eventbuilder-misconfiguration-exposes-microsoft-event-registrant-data/
Exploit: Misconfiguration

Microsoft: Software Developer


cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.801 = Moderate
The personal information of hundreds of thousands of users of Microsoft’s EventBuilder has been exposed in a misconfiguration snafu. Researchers who discovered the leak say that the data was exposed through an improperly configured Azure blob and was available for an unknown length of time. The mistake was quickly fixed.



cybersecurity news represented by a gauge indicating moderate risk


Individual Risk: 2.727 = Moderate
Personal data for event registrants including names, email addresses and job titles was exposed in more than one million CSV and JSON files of EventBuilder driven events hosted through Microsoft Teams.

Customers Impacted: Unknown

How it Could Affect Your Business: Human error is still the biggest cause of a data breach and this is one mistake goes to show that applies to every business – even the big dogs can fumble once in a while.

 

 

France – CMA CGM

https://splash247.com/cma-cgm-hit-by-another-cyber-attack/

Exploit: Ransomware

CMA CGM: Maritime Freight Carrier


cybersecurity news represented by agauge showing severe risk


Risk to Business: 2.819 = Moderate
French container shipping giant CMA CGM has been hit by another cyber-attack. The company was breached about a year ago as well. A spate of attacks against maritime shipping companies has led to breaches at all four of the major players – Maersk, MSC, Cosco and CMA CGM – in the last 12 months. CMA CGM said its IT teams have immediately developed and installed security patches.



cybersecurity news represented by agauge showing severe risk


Individual Risk: 2.878 = Moderate
The company revealed that customer data had been stolen in this attack including regular customers’ first and last names, employer, position, email addresses and phone numbers.

Customers Impacted: Unknown

How it Could Affect Your Business: By land, sea or air, shipping companies have been favored targets of cybercriminals since the start of the pandemic.

 

 

Japan – Olympus

https://portswigger.net/daily-swig/olympus-insists-medical-services-uninterrupted-by-malware-attack

Exploit: Malware

Olympus: Medical Technology Developer


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.802 = Severe
Japanese medical tech behemoth Olympus has disclosed a cyber-attack that prompted the shutdown of certain IT systems last week. The company announced that it had been hit with “an attempted malware attack affecting parts of our sales and manufacturing networks in EMEA (Europe, Middle East, and Africa).”

Individual Impact: Olympus contends that no data was stolen.

Customers Impacted: Unknown

How it Could Affect Your Business: Malware attacks like this are becoming increasingly more common as cybercriminals look at encryption over theft as a quick way to mount a successful attack and score a payday.

 

 
 
The Week in Breach News: 09/22/21 – 09/28/21
The Week in Breach News: 09/08/21 – 09/14/21

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.