"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 10/23/24 – 10/29/24

Breach-6

This week: A spate of attacks hits non-profits and a malicious insider wreaks havoc on an Italian bank.

 

Kansas City Hospice & Palliative Care

https://cybernews.com/news/blacksuit-ransomware-claims-kansas-city-hospice

Exploit: Ransomware

Industry: Healthcare

cybersecurity news represented by agauge showing severe risk

 

Kansas City Hospice & Palliative Care was added to BlackSuit’s victim list on October 19. While the organization’s website offers no further details, it confirmed launching an investigation with third-party forensic experts to assess the breach. Some systems were impacted, but operations continued without interruption, and the nonprofit is now fully recovered. Founded in 1980, Kansas City Hospice serves 5,700 individuals and families annually and is the largest hospice provider in the region, with over 300 employees and volunteers.

How It Could Affect Your Business: A data breach like this is a fast way for an organization to run up big bills that can impact a company’s financial health and future.


 

Easterseals

https://therecord.media/easterseals-central-illinois-data-breach

Exploit: Ransomware

Industry: Non-profit

cybersecurity news represented by agauge showing severe risk

 

The Rhysida ransomware group has targeted Easterseals, seeking to extort $1.3 million from the organization that supports disabled children, seniors, and military veterans. Although Easterseals has not commented, it filed breach notification documents with Maine regulators, revealing a cyberattack at its Central Illinois location in April. The attack compromised the personal information of 14,855 individuals, including names, addresses, Social Security numbers and medical data. Affected individuals are being offered 12 months of identity protection services. The group has posted Easterseals on its leak site, demanding a 20 bitcoin ransom by October 30.

How It Could Affect Your Business: It’s important to remember that even non-profits like charities aren’t immune to cybercrime.


 

BronxWorks

https://www.jdsupra.com/legalnews/bronxworks-announces-data-breach-3646094

Exploit: Hacking

Industry: Non-profit

cybersecurity news represented by agauge showing severe risk

 

BronxWorks, a non-profit in New York that provides family, legal and health services, filed a data breach notice with the Massachusetts Attorney General after discovering that an unauthorized party accessed employee email accounts. The breach, which occurred between September 1 and October 11, 2023, also involved access to documents stored on SharePoint and OneDrive platforms. Compromised information includes names, Social Security numbers, passport numbers, digital signatures, medical and financial data and driver’s license numbers. BronxWorks has begun notifying affected individuals and is taking steps to address the security incident.

How It Could Affect Your Business: Attacks on non-profits can hurt more than just organizations, they can also hurt people.


 

Arkansas Blue Cross and Blue Shield

https://www.kark.com/news/state-news/arkansas-blue-cross-and-blue-shield-providing-protection-after-data-breach-of-member-personal-information

Exploit: Supply Chain Breach

Industry: Insurance

cybersecurity news represented by agauge showing severe risk

 

Arkansas Blue Cross and Blue Shield is assisting members after a vendor data breach on August 26. Its vendor, Healthmine, discovered unauthorized access to the Blue Wellness Rewards program portal, where a hacker redeemed digital gift cards and accessed members’ personal data, including names, addresses, emails, birth dates, and prescription histories. Social Security numbers and financial information were not compromised. The company reported the incident to law enforcement, hired a forensic firm and Healthmine disabled affected accounts and blocked suspicious domains.

How It Could Affect Your Business: This breach garnered attackers a combination of health and personal data that will be profitable for them and an expensive disaster.


 

Johnson & Johnson

https://www.securityweek.com/johnson-johnson-discloses-data-breach

Exploit: Hacking

Industry: Insurance

cybersecurity news gauge indicating extreme risk

 

Johnson & Johnson, an insurer unrelated to the pharmaceutical company, disclosed a security breach detected in mid-August 2024. A forensic investigation revealed that files related to its insurance operations may have been compromised, potentially exposing personal information. However, the exact data affected remains unclear. The breach impacted over 3,200 individuals. Johnson & Johnson claims that it has taken steps to strengthen its security following the incident.

How it Could Affect Your Business: Insurance companies can be excellent sources of data for bad actors thanks to the multiple data types they tend to hold.


 

Peru – World Vision Perú

https://ransomwareattacks.halcyon.ai/attacks/medusa-ransomware-hits-world-vision-peru-in-cyberattack

Exploit: Ransomware

Industry: Non-Profit

cybersecurity news represented by a gauge indicating moderate risk

 

World Vision Perú, a branch of the Christian relief, development, and advocacy organization World Vision, has fallen victim to a ransomware attack orchestrated by the Medusa group. This incident was discovered on October 14. Employee and client information likely exposed in this attack includes full names, passport scans and email addresses. Unspecified confidential business data was also snatched. No ransom demand was made public.

How it Could Affect Your Business: A successful cyberattack on a non-profit can have an unfortunate ripple effect on that non-profit’s entire community.


 

Switzerland – Berufsbildungszentrum (BBZ)

https://therecord.media/ransomware-attack-german-speaking-school-switzerland-bbz-schaffhausen

Exploit: Ransomware

Industry: Education

cybersecurity news represented by agauge showing severe risk

 

 The Vocational Training Center (BBZ) in Schaffhausen, Switzerland, suffered a ransomware attack earlier this month, the canton’s education department announced. Cybercriminals exploited a firewall vulnerability to block system access and demanded a ransom using encryption malware. The school has notified employees, parents, trainees and partner companies about the incident, and classes will resume as scheduled after the fall break.

How it Could Affect Your Business: Education is the top sector for ransomware attacks, which means that schools need extra protection in place.


 

Italy – Intesa Sanpaolo

https://www.reuters.com/technology/cybersecurity/what-we-know-about-data-breach-intesa-sanpaolo-2024-10-22

Exploit: Malicious Insider

Industry: Finance

cybersecurity news represented by agauge showing severe risk

 

Prosecutors in Bari, Italy, are investigating a data breach at Intesa Sanpaolo, the country’s largest bank, involving unauthorized access to around 3,500 customer accounts, including those of Prime Minister Giorgia Meloni and former Prime Minister Mario Draghi. An employee at a branch in Bitonto allegedly accessed the accounts between February 2022 and April 2024. The bank initiated disciplinary action and a full audit after its internal controls flagged irregular activity. Affected customers had already alerted authorities before the bank notified prosecutors. Intesa issued a public apology on October 13 and established a new security division, led by a recently retired senior police officer.

How it Could Affect Your Business: No company wants to think about it, but every business is at risk of trouble from a malicious insider.


 

Cybersecurity Compliance – What SMBs Need to Know ...
Steps to Take After a Cyber Attack – Immediate Act...

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.