The Week in Breach News: 09/25/24 – 10/01/24

MoneyGram, a peer-to-peer payments and money transfer service, has confirmed a cyberattack that took its systems offline starting on September 20, 2024. On September 22, the company informed customers that a network outage was disrupting connectivity to several systems, affecting both in-person and online transactions. In response, MoneyGram launched an investigation into the breach and contacted law enforcement. By the end of the week, the company announced progress in restoring its services, stating that some partners were now able to send and receive money, and pending transactions were being fulfilled.

MC2 Data, a background check company, has reported a data breach caused by human error. Approximately 2.2TB of sensitive data was left unprotected and publicly accessible on the internet, without password protection. The exposed data includes personal information such as names, birthdates, email addresses, phone numbers, passwords, IP addresses, property records and other confidential details. Additionally, information about clients seeking background checks was also compromised. MC2 Data operates several websites, including PrivateRecords.net, PrivateReports, PeopleSearcher, ThePeopleSearchers and PeopleSearchUSA.

On September 9, 2024, collections agency Nationwide Recovery Service (NRS) reported a data breach to the U.S. Department of Health and Human Services Office for Civil Rights after discovering unauthorized access to confidential information entrusted to the company. NRS stated that this breach allowed an unauthorized party to obtain sensitive consumer data. Following its investigation into the incident, NRS will begin notifying all individuals whose information was impacted by the security breach through official data breach notification letters.

On September 26, 2024, accounting firm Ross, Anglim, Angelini & Co., LLP filed a data breach notice with the Massachusetts Attorney General after discovering a security incident that exposed sensitive information in its possession. According to the notice, the breach allowed unauthorized access to client data including sensitive personal data like names and Social Security numbers.

Elitecare Emergency Hospital in League City, TX, has informed 24,754 patients of a recent cybersecurity breach. Suspicious activity was first detected on July 10, 2024, prompting the hospital to shut down its systems to contain the issue. Third-party cybersecurity specialists were brought in to investigate the incident. By July 17, 2024, it was confirmed that an unauthorized individual had gained access to patients’ protected health information. While the exact data accessed varied by individual, it included personal details such as names, addresses, birthdates, phone numbers, and email addresses, along with potentially sensitive information like health insurance details, medical records, Social Security numbers or driver’s license and government IDs. 

Michigan Medicine revealed on Thursday that it has suffered its second cyberattack in just four months. This breach targeted employee email accounts and exposed the protected health information of nearly 58,000 individuals, including names, medical record numbers, and diagnostic or treatment details. The attack occurred on July 30, 2024, when a Michigan Medicine employee mistakenly approved an unsolicited multifactor authentication (MFA) request, granting the attacker access to the employee’s email and its sensitive contents.

 The town of Arkansas City, Kansas, experienced a cyberattack on its water utility system. Officials reported a “cybersecurity issue” at the water treatment facility on September 22, and precautionary measures were implemented to secure the plant. This included switching to manual operations while the issue was being addressed. Despite the incident, there has been no disruption to water services, and officials confirmed that the water supply remains entirely safe for residents to consume.

In a recent cyberattack, the names of all Dutch police officers were stolen, along with their work-related contact details. According to a spokesperson, the hackers gained access to this sensitive information through a compromised email account. The stolen data may include names, email addresses, and phone numbers. The incident is currently under investigation by the police, and the Dutch data protection authority has been notified. The Dutch national police force comprises approximately 62,000 officers.