"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 09/22/21 – 09/28/21

New Cooperative & Crystal Valley Cooperative

https://www.scmagazine.com/analysis/ransomware/food-and-agriculture-industry-needs-more-threat-intel-as-ransomware-attacks-crop-up/
Exploit: Ransomware

New Cooperative & Crystal Valley Cooperative: Agricultural Services


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.337 = Extreme
 
Twin breaches in agriculture have the potential to cause significant disruptions in the US food supply chain. Iowa-based farm service provider New Cooperative was the first ag company hit with a ransomware attack early last week, causing the company to shut down its IT systems. As part of its announcement, the company stated that there would be “public disruption” to the grain, pork and chicken supply chain if its operations are not restored quickly. New ransomware group BlackMatter claimed responsibility, releasing proof on their dark web leak site, saying that they have 1,000GB of data. BlackMatter is demanding a $5.9 million ransom. Minnesota-based farm supply and grain marketing cooperative Crystal Valley was the next hit by a ransomware attack a few days later. The company announced that all of its corporate IT systems were shut down and they were unable to process credit card payments. It also noted that this is a very bad time for cyberattacks in the industry as it is harvest season. No group has yet claimed responsibility for this incident.

Individual Impact: No personal, financial or sensitive data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: As we learned throughout the pandemic, cybercriminals are aware of when it’s the worst possible time for them to strike and they’ll use that as leverage in their attacks.

 


 

Simon Eye & US Vision

https://www.govinfosecurity.com/hacking-incidents-lead-to-2-big-eye-care-provider-breaches-a-17587
Exploit: Hacking

Simon Eye & US Vision: Optometry Clinic Operators


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.606=Severe
A pair of breaches in the optometry world by Simon Eye and US Vision has exposed the personal and health information of tens of thousands of US patients. Delaware-based Simon Eye Management, a chain of clinics that provide eye exams, eyeglasses and surgical evaluations, reported a hacking incident to the US Department of Health and Human Services (HHS) affecting more than 144,000 individuals. This incident also included an aborted business email compromise attempt. In their HIPAA filing, the breach involved an unauthorized third party accessing certain employee email accounts in May 2021 as cybercriminals attempted to pull off wire transfer and invoice manipulation attacks against the company. New Jersey-based USV Optical Inc., a division of US Vision, has also reported a breach to HHS caused by hacking. The company says the incident involved unauthorized access to certain servers and systems between April 20 and May 17, 2021.



cybersecurity news represented by agauge showing severe risk


Individual Risk: 1.667= Severe
A total of 320,000 US residents may be impacted by these breach incidents. Simon Eye’s disclosure detailed patient information that had potentially been compromised by the incident including patient names, medical histories, treatment or diagnosis information, health information, health insurance information and some Social Security numbers, date of birth and/or financial account information. US Vision disclosed that patient Information potentially compromised in the incident includes patient names, addresses, date of birth and eye care insurance information.

Customers Impacted: 320,000

How It Could Affect Your Business: When companies fail to keep highly sensitive data like this safe, they take a direct hit to the wallet since it costs them a fortune in HIPAA fines once regulators get finished with them.

 


 

Marcus & Millichap

https://searchsecurity.techtarget.com/news/252507058/Marcus-Millichap-hit-with-possible-BlackMatter-ransomware
Exploit: Ransomware

Marcus & Millichap: Real Estate Firm


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.636 = Severe
Real estate giant Marcus & Millichap has suffered a ransomware attack. Suspected to be the work of the BlackMatter ransomware gang, the firm disclosed in an SEC filing that it had seen no evidence of a data breach, although Black Matter did post some authentic-looking sample files with its ransomware demand on its dark web leak site. The incident is under investigation. (The second breach in this pair is in the South America section.)

Individual Impact: No personal, financial or sensitive data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: Booming dark web data markets mean that cybercriminals are hungry for all kinds of data, especially customer records and financial information.

 


 

Colombia – Coninsa Ramon H

https://thehackernews.com/2021/09/colombian-real-estate-agency-leak.html
Exploit: Misconfiguration

Coninsa Ramon H: Real Estate Firm


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.713 = Severe
A database owned by Colombian real estate firm Coninsa Ramon H has leaked data. More than one terabyte of data containing 5.5 million files was left exposed, leaking the personal information of over 100,000 customers of a Colombian real estate firm data exposure is the result of a misconfigured Amazon Web Services (AWS) Simple Storage Service (S3) bucket.



cybersecurity news represented by agauge showing severe risk


Individual Risk: 1.605 = Severe
The data in the exposed bucket includes internal documents like invoices, proof of income documents, quotes and account statements dating between 2014 and 2021. The customer PII leaked may include names, phone numbers, email addresses, residential addresses, amounts paid for estates and asset values. The bucket may also contain a database backup that includes additional information such as profile pictures, usernames and hashed passwords.

Customers Impacted: Unknown

How It Could Affect Your Business: exposed databases are a cybersecurity incident that companies don’t need to face if everyone is on the same page about the importance of security.

 


 

Italy – Covisian

https://www.inforisktoday.com/ransomware-attack-reportedly-cripples-european-call-center-a-17619

Exploit: Ransomware

Covisian: Call Center Operator


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.661=Severe
GSS, the Spanish language division of call center giant Covisian, has informed customers that it has been subjected to a ransomware attack. The attack locked down the company’s IT systems, crippling its Spanish-language call centers. Customer service for organizations including Vodafone Spain, the Masmovil ISP, Madrid’s water supply company, television stations and many private businesses was impacted. (The second in this pair of breaches is in the Middle East section)

Customers Impacted: Unknown

How it Could Affect Your Business: This is a good illustration of today’s third-party/supply perils. One ransomware attack on a company like this can ripple out to impact many businesses.

 


 

Israel – Voicecenter

https://www.haaretz.com/israel-news/tech-news/.premium-experts-iran-may-be-behind-cyberattack-on-company-serving-big-names-in-israeli-tech-1.10231555

Exploit: Ransomware

Voicecenter: Call Center Operator


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.699 = Severe
A ransomware attack against the Israeli call center service company Voicenter earlier this week is suspected to be the work of the Deus ransomware outfit who has claimed responsibility for the hack. The gang Deus claimed it would release 15 TB of data concerning 8,000 companies that work with Voicenter including Mobileye, Partner, Gett and My Heritage, among others. The data that the attackers have posted on their dark web leak site includes samples of security camera and webcam footage, ID card information, photos, WhatsApp messages, emails and recordings of phone calls. Interestingly, Deus also provided a photo of its ransom message with a demand for 15 bitcoin within 12 hours of the notification on September 19, with 10 bitcoin added every 12 hours after that deadline. After a brief disruption in services, most Voicenter functions have been restored.

Customers Impacted: Unknown

How it Could Affect Your Business: service providers are goldmines for cybercriminals because they provide a wealth of data that can be used and sold for high profit.

 


 
 
Cybersecurity: What Every Business Owner Should Kn...
The Week in Breach News: 09/15/21 – 09/22/21

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.