"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 11/02/22 – 11/08/22

Breach-6

Dropbox

https://www.reuters.com/business/retail-consumer/bed-bath-beyond-reviewing-possible-data-breach-2022-10-28/?utm_campaign=fullarticle&utm_medium=referral&utm_source=inshorts

 

Exploit: Phishing
Dropbox: File Hosting Service



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.836 = Moderate
Dropbox has revealed that they have experienced a data breach. The company noted unauthorized access to some of its repositories after a successful phishing attack. That attack resulted in someone copying 130 of its private GitHub code repositories and swiping some of its secret API credentials. Microsoft’s GitHub detected suspicious behavior on Dropbox’s corporate account on October 13 and informed the company. Dropbox ultimately determined the cause was a phishing attack in which bad actors impersonated the code integration and delivery platform CircleCI. Reports point out that three weeks before the attack, GitHub warned of phishing campaigns that involved the impersonation of CircleCI. Dropbox also said the intruder’s access to the GitHub repo silo was revoked on October 14, and that all developer API credentials to which the intruder had access have been rotated.

How It Could Affect Your Business: Even the biggest, most tech-savvy companies can be taken down by phishing in a flash.

 

Kearney & Company

https://securityaffairs.co/wordpress/138136/cyber-crime/lockbit-ransomware-kearney-company.html

 

Exploit: Ransomware

 


Kearney & Company: Financial Services Firm



cybersecurity news represented by agauge showing severe risk


Risk to Business: 2.101 = Severe
The LockBit 3.0 ransomware group has added Kearney & Company, an accounting and financial services firm that does business with the U.S. government, to its published list of victims on November 05. That group is threatening to publish the firm’s stolen data by November 26, 2022, if the company doesn’t pay the $2 million demanded ransom. A sample of the stolen data including financial documents, contracts, audit reports and billing documents has been published on the group’s dark website.

How It Could Affect Your Business: Financial services was the most hard-hit sector in terms of ransomware in 2021 and this year isn’t looking much better.

 

 

Multi-Color Corporation (MCC)

https://www.securityweek.com/label-giant-multi-color-corporation-discloses-data-breach

 

Exploit: Ransomware

 


Multi-Color Corporation (MCC): Printer



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.764 = Moderate
Label printing company Multi-Color Corporation (MCC) has disclosed that on September 29, 2022, it discovered unauthorized access to its network. An investigation revealed that sensitive HR data might have been compromised, including personnel files and information on employees’ enrollment in benefits programs. Both current and former MCC employees are impacted. Some reports are saying that this was a ransomware attack.


cybersecurity news represented by a gauge indicating moderate risk


Individual Risk: 2.815 = Moderate
The company’s breach announcement said that sensitive personal data of MCC employees and their spouses, partners, and/or dependents who are enrolled in the benefits programs may have been exposed. Exposed data may include a person’s name, date of birth, email address, mailing address, telephone number, Social Security number, driver’s license number, healthcare and health insurance-related data, and certain tax and financial data.

How It Could Affect Your Business: Ransomware operators have been focusing on key points in the manufacturing supply chain for maximum gain.

 

 

Somnia Inc.

https://www.govinfosecurity.com/vendor-hack-tied-to-20-anesthesiology-practice-breaches-a-20414

 

Exploit: Hacking

 


Somnia Inc.: Medical Practice Management



cybersecurity news gauge indicating extreme risk


Risk to Business: 1.382 = Extreme
Somnia Inc, a physician-owned firm that manages anesthesiology practices, has experienced a data breach that may impact an estimated 20 practices serving about 430,000 people. A company spokesperson confirmed that the firm is the management services organization behind the recent breaches affecting many anesthesiology practices. Somnia declined to disclose how many clients and individuals in total were affected. The company said that their forensic investigation into a security incident found that some information stored on the management company’s systems may have been compromised.


cybersecurity news gauge indicating extreme risk


Individual Risk: 1.361 = Extreme
Affected information includes individuals’ name, Social Security number, and some combination of data including date of birth, driver’s license number, financial account information, health insurance policy number, medical record number, Medicaid or Medicare ID and health information such as treatment and diagnosis.

How it Could Affect Your Business: This incident is still snowballing, but however it plays out this will cost Somnia a fortune in regulatory penalties on top of other damages.

 

Italy – Vodafone

https://www.bleepingcomputer.com/news/security/vodafone-italy-discloses-data-breach-after-reseller-hacked/

 

Exploit: Supply Chain Attack

 


Vodafone Italia: Telecommunications



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.619 = Severe
Vodafone Italia is sending customers notices of a data breach after one of its partners, FourB S.p.A., a reseller of telecommunications services, suffered a cyberattack. The incident took place in the first week of September and likely resulted in the compromise of sensitive subscriber details. A cybercrime group, KelvinSecurity, claimed that they’d successfully attacked Vodafone in early September, but the company denied an intrusion at that time. KelvinSecurity put a collection of 295,000 files totaling 310 GB of data up for sale. There has not been confirmation that the two incidents are connected but it seems highly likely.

How it Could Affect Your Business: Supply chain attacks against smaller companies can send out ripples of risk that impact major corporations too.

 

 

Denmark – DSB

https://www.securityweek.com/cyberattack-causes-trains-stop-denmark

 

Exploit: Supply Chain Attack

 


DSB: Railway



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.684 = Severe
Danish train operator DSB experienced a service outage that shut down all of its trains on Saturday morning after a ransomware attack at one of its service providers. That service provider, software firm Supeo, was forced to shut down its servers after a suspected ransomware attack, resulting in the loss of access to a critical piece of software used by train drivers and halting trains around the country. Supeo provides a mobile application that train drivers use to access critical operational information including speed limits and information on work being done to the railroad. DSB, the largest railway operator in Denmark, was able to resume service later on Saturday after significant delays.

How it Could Affect Your Business: Ransomware groups love hitting businesses that are time sensitive in order to raise the chance that they’ll get paid fast.

 

 

 

Australia – Harcourts

https://www.sbs.com.au/news/article/advocates-had-warned-of-the-dangers-of-a-real-estate-data-breach-it-just-happened/6mlieq0g0

 

Exploit: Supply Chain Attack

 


Harcourts: Real Estate Company



cybersecurity news represented by agauge showing severe risk


Risk to Business: 2.283 = Severe
Customers of the Melbourne City branch of real estate company Harcourts were informed that the company was hit by a cyberattack last month that may have exposed the personal information of tenants, landlords and service providers. The company disclosed that an unknown party had accessed its rental property database on October 24 after an incident at one of its service providers, Stafflink, a company that provides franchisee administrative support. The account of a Stafflink employee was allegedly compromised and accessed by an unknown third party, giving bad actors access to the data. Interestingly, Stafflink said in a statement “We understand the unauthorised access occurred because the representative of Stafflink was using their own device for work purposes rather than a company-issued (and more secure) device.”

How it Could Affect Your Business: This kind of data is a goldmine for cybercriminals, and they’re keen to snatch it from business service providers

 

 

Australia – PNORS Technology Group

https://www.abc.net.au/news/2022-11-05/pnors-technology-group-data-security-incident/101620900

 

Exploit: Ransomware

 


PNORS Technology Group: Business Services



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.936 = Severe
PNORS Technology Group, an IT services provider for six departments of the Australian government, announced that two of its units, Datatime Services and Netway Networks, were hit in a cyber attack on November 3. The company confirmed that it had experienced encryption and data theft, as well as the fact that an unnamed cybercrime group has provided a sample of the stolen data as proof of the attack. No information was available at press time on ransom demands or timelines. Data snatched in this incident may include sensitive information about families in the Victorian school system collected as part of school entrance records. The company says that it has informed impacted entities as well as the Office of the Australian Information Commissioner, and an investigation is ongoing.

How it Could Affect Your Business: This isn’t going to bode well for the future of this company’s relationship with agencies that handle sensitive data.

 

 

The Week in Breach News: 11/09/22 – 11/15/22
The Week in Breach News: 10/26/22 – 11/01/22

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.