The Week in Breach News: 10/02/24 – 10/08/24

Wayne County, Michigan is dealing with a cyberattack that has shut down all government websites and limited the operations of several offices. Corrections officers within the Wayne County Sheriff’s Office have struggled to process inmates, the Wayne County Treasurer’s Office has had issues collecting taxes online and the Wayne County Register of Deeds Office closed early on Wednesday. Impacted services have been transitioned to backup processes to maintain operations, and the county expects to have services restored soon.

Trucking company Ward Transport & Logistics reported a data breach to the Massachusetts Attorney General on October 2. The company said that it discovered unauthorized access to sensitive employee data. The information exposed may include, names, Social Security numbers, financial details, medical records and driver’s license numbers. The company has since notified affected individuals.

Casino Fandango reported a data breach to the Montana Attorney General on September 23, 2024, after discovering unauthorized access to its network. The company said that sensitive consumer information had been compromised in the incident but did not specify the exact nature of the exposed data. The breach occurred between June 8 and June 13, 2024. Following the incident, the company secured its systems, notified law enforcement, and began notifying affected individuals.

Fortinet confirmed a data breach after a hacker calling themselves “Fortibitch” claimed to have stolen 440GB of files from the company’s SharePoint server. Fortinet said that the breach involved unauthorized access to a limited number of files from a third-party cloud-based drive, affecting less than 0.3% of Fortinet’s customers. The company has communicated with impacted customers and stated there was no malicious activity, ransomware or encryption involved. Fortinet’s operations and services remain unaffected.

Human resources consulting firm Find Great People has reported a data breach to the Maine Attorney General. The company said that it had discovered unauthorized access to its network. In the intrusion, bad actors stole sensitive information about job seekers such as names, addresses, Social Security numbers, financial details and medical information. The company has since notified affected individuals.

Canada-based game studio Red Barrels, creator of the popular horror game “Outlast”, has disclosed that it experienced a data breach October 2. Apparently, threat actors were able to access some of its data. The company assured players that their information hasn’t been compromised. However, the company acknowledged that the incident will have a significant impact on internal processes that will cause delays in the development and release of new games or content for existing games. A gang calling themselves Nitrogen has claimed responsibility for the hack, claiming they stole 1.8TB of data from the company, including invoices, company info and game mock-ups.

Agence France-Presse (AFP) has reported a potential data breach to French regulators following a recent cyberattack that impacted its news delivery service. AFP has not provided details on whether customer data was compromised, but reports suggest that FTP server credentials may have been affected. The French data protection agency, CNIL, is investigating the breach, and the nature of the attack remains unknown.

Bloom Hearing Specialists has disclosed a ransomware attack that may have exposed the sensitive data of thousands of customers. The exposed data may include a patient’s bank details, records and insurance information. The clinic said that it is investigating the incident in concert with the local authorities. Some or all of the stolen data may soon be published on the dark web. Bloom Hearing Specialists has over 200 locations in Australia and New Zealand.