InTegriLogic Blog
The Week in Breach News: 10/19/22 – 10/25/22
Microsoft
https://thehackernews.com/2022/10/microsoft-confirms-server.html
Exploit: Misconfiguration
Microsoft: Software Company
Risk to Business: 1.802 = Severe
Microsoft confirmed that it inadvertently exposed information related to thousands of customers following a misconfiguration of Azure Blob Storage. The company said in a statement that the misconfiguration “resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services”. The misconfiguration of the Azure Blob Storage was spotted on September 24, 2022. Microsoft states that the exposed data included names, email addresses, email content, company name, and phone numbers and attached files relating to business “between a customer and Microsoft or an authorized Microsoft partner.”
How It Could Affect Your Business: Even the biggest companies can fall victim to human error and be stuck dealing with unpleasant consequences.
MedStar Mobile Healthcare
https://www.cbsnews.com/dfw/news/medstar-reports-its-computer-network-was-hit-by-a-cyberattack/
Exploit: Ransomware
Medstar Mobile Healthcare: Ambulance Service
Risk to Business: 1.423 = Extreme
Emergency medical services and ambulance company MedStar in Texas was hit by a cyberattack that impacted its ability to dispatch ambulances and respond to 911 calls. The attack occurred on October 20. The company said that they quickly isolated connected systems to assure the breach was quarantined. MedStar was forced to resort to manually dispatching calls over a public safety radio until they could determine that computer systems were secure. The company said it does not think that PHI like 911 call records was accessed by the attackers.
How It Could Affect Your Business: Ransomware is especially nasty in the healthcare sector because it leads to adverse patient outcomes.
United Kingdom – Kingfisher Insurance
https://techmonitor.ai/technology/kingfisher-insurance-ransomware-lockbit
Exploit: Ransomware
Kingfisher Insurance: Insurer
Risk to Business: 2.107 = Severe
Kingfisher Insurance has been hit by a ransomware attack courtesy of LockBit 3.0. The cybercrime group claims to have lifted 1.4 terabytes of information from the company. That data may include the personal data of employees and customers. The gang has demanded that Kingfisher pay the unspecified ransom by November 28 to avoid having the data published. The gang released a sample of the stolen data as proof including information from management system accounts and passwords from Workaday and Access databases.
How It Could Affect Your Business: Ransomware practitioners are especially interested in service and supply chain businesses because of all of the information they store.
Germany – Metro Cash and Carry
Exploit: Hacking
Metro Cash and Carry: Hospitality Wholesaler
Risk to Business: 1.624 = Severe
Hospitality wholesale giant Metro is experiencing infrastructure outages and store payment issues following a cyberattack. The IT outages have been affecting stores in Austria, Germany and France since at least October 17, although the company’s stores remain in operation. Metro says that it was forced to set up offline payment systems and that customers should expect online orders to be delayed. No word on if any data was exposed or stolen was available at press time.
How it Could Affect Your Business: Supply chain cyberattacks have been an increasing burden for wholesalers in every sector.
France – iDealwine
https://www.helpnetsecurity.com/2022/10/19/idealwine-data-breach/
Exploit: Hacking
iDealwine: Online Wine Marketplace
Risk to Business: 2.619 = Moderate
eMerchant iDealwine was knocked offline by hackers for several days. iDealwine has disclosed that it experienced a data breach as a result of the incident. The French company specializes in online auctions and fixed-price sales of fine wine and also offers customers information about news and trends in the wine industry. The company’s website has since been restored.
Individual Risk: 2.702 = Moderate
It has informed its customers that their name, address, telephone number and email address may have been compromised. The company was quick to note that customers’ credit card/bank information has not been compromised.
How it Could Affect Your Business: Retail businesses have been experiencing a high level of cybersecurity trouble in 2022.
Singapore – Carousell
Exploit: Hacking
Carousell: Online Retail Marketplace
Risk to Business: 1.684 = Severe
A database of user accounts believed to have been stolen from online marketplace Carousell is being sold on the dark web. Carousell said on Friday that 1.95 million user accounts were compromised after a bug was introduced during a system migration, giving bad actors a quick path inside the company’s systems. It assured users that no credit card and payment-related information was compromised. Hackers uploaded the 2GB database on Oct 12, two days before Carousell confirmed the breach. In an interesting twist, the hackers said they will be selling only five copies of the database.
How it Could Affect Your Business: Retailers need to be especially careful about security as we head into the winter holiday season.
Australia – EnergyAustralia
Exploit: Hacking
EnergyAustralia: Electricity Utility
Risk to Business: 2.783 = Moderate
EnergyAustralia has become the latest company to be targeted by a cyber-attack, with hundreds of customers’ details exposed. In a statement released late on Friday, the electricity company said 323 residential and small business customers were affected by unauthorized access to their online platform, My Account. The company said there was “no evidence” customer details were transferred outside the company’s platform. They also said sensitive documents such as driver’s licenses or passports were not stored on the platform. No other EnergyAustralia systems were affected. The breach occurred in late September and customers were informed in October.
Individual Risk: 2.801= Moderate
Details including customer names, addresses, email addresses, electricity and gas bills, phone numbers and the first six and last three digits of their credit cards are all included with those accounts.
How it Could Affect Your Business: Utility companies in Australia have had a rough fall as cybercriminals continue to hammer Australian organizations.
Australia – Vinomofo
https://itwire.com/business-it-news/security/vinomofo-suffers-security-breach.html
Exploit: Hacking
Vinomofo: Online Wine Marketplace
Risk to Business: 1.771 = Severe
Online wine sales company Vinomofo has disclosed a data breach after an intruder accessed customers’ personal information. Hackers gained access to Vinomofo’s client records through a test platform that the company was using as part of a new website rollout. Vinomofo discovered signs of the breach on September 27. In a statement, the company said that it doesn’t hold identity or financial data such as passports, driver’s licenses or credit cards/bank details. The company did not say how many of its customers were impacted in this breach.
Individual Risk: 1.837 = Severe
Names, addresses, emails, gender identities, phone numbers and dates of birth may have been accessed by bad actors in this incident.
How it Could Affect Your Business: Unfortunately, online retailers have been experiencing a high level of cyberattacks in 2022.
About the author
