InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
The Week in Breach News: 11/03/21 – 11/09/21
Diamond Comic Distributors
https://bleedingcool.com/comics/diamond-comic-distributors-targeted-by-ransomware-attack/
Exploit: RansomwareDiamond Comic Distributors: Periodical Distributor
Risk to Business: 1.417= Severe
It’s a bird, it’s a plane, it’s a ransomware attack at Diamond Comic Distributors. The Baltimore-based company, the exclusive distributor of DC and Image Comics and a publishing outlet for dozens of small-press comics publishers, suffered a ransomware attack last Friday that took down the company’s website and customer service platforms all weekend into Monday. Diamond said in a statement that it did not anticipate that any customer financial data had been impacted by this event. Investigation and recovery is underway with some functions already restored.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware can cost companies a fortune from operational disruption alone even if no data is snatched, not to mention incident response costs.
Electronic Warfare Associates (EWA)
Exploit: PhishingElectronic Warfare Associates (EWA): Defense Contractor
Risk to Business: 1.822=Severe
A phishing attack that snared an employee is the suspected cause of a breach at defense contractor Electronic Warfare Associates (EWA). The company is a major provider of specialized software for the US defense establishment including the Pentagon, the Department of Defense (DoD), the Department of Justice (DoJ) and the Department of Homeland Security (DHS). EWA’s investigation determined that an attacker broke into an EWA email account in August 2021 after a phishing operation. The intrusion was uncovered when the attacker attempted a wire transfer. Employee PII was exposed and concern remains that sensitive defense information may also have been exposed.
Individual Risk: 1.703=Severe
EWA has admitted that the attackers snatched files with certain personal information including name and Social Security Number and/or drivers’ license number for an undisclosed number of EWA employees, but no further information was given.
How It Could Affect Your Business: Phishing is an equal opportunity offender and no less likely to be successful against the presumably cybersecurity savvy employees of a tech company as any other business.
Newfoundland and Labrador Health
https://www.securitymagazine.com/articles/96481-canadian-healthcare-system-suffered-cyberattack
Exploit: RansomwareNewfoundland and Labrador Health: Healthcare System
Risk to Business: 1.442=Extreme
What may be the largest cyberattack in Canadian history crippled the healthcare system of the province of Newfoundland and Labrador on October 30th. The suspected ransomware attack hit scheduling and payment systems, causing widespread interruptions in patient care including the cancellation of all non-urgent imaging and medical appointments well as a reduction in chemotherapy sessions and significant complications the province’s COVID-19 response. Eastern Health reported that their payment systems to suppliers and vendors were also targeted by the attack. Email and telephone capability has been restored in some locations and an investigation is ongoing.
Customers Impacted: Unknown
How It Could Affect Your Business: Healthcare has been beleaguered by cyberattacks, especially ransomware, since the start of the global pandemic.
Greece – Danaos Management Consultants
https://splash247.com/greek-shipowners-cyber-tricked-over-halloween-weekend/
Exploit: HackingDanaos Management Consultants: Maritime IT
Risk to Business: 1.615= Severe
Maritime clients who use the communication systems of Danaos Management Consultants found themselves without some communications capability after a cyberattack blocked their communication with ships, suppliers, agents, charterers and suppliers. Several Greek shipping companies were impacted. The incident also resulted in the loss of an unspecified amount of files and correspondence for the impacted shipping firms.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks have rocked the maritime world in 2021, with major attacks against the world’s four biggest shippers complicating the world’s supply chain woes.
Germany – Media Markt
https://www.bleepingcomputer.com/news/security/mediamarkt-hit-by-hive-ransomware-initial-240-million-ransom/Exploit: Ransomware
Media Markt: Electronics Retailer
Risk to Business: 1.512= Severe
Electronics retailer MediaMarkt has suffered a ransomware attack that caused the company to shut down some IT systems, impacting store operations in Netherlands and Germany. While cash registers and payment card systems in brick-and-mortar locations were disrupted, online sales were not impacted. The attack was purportedly carried out by the Hive ransomware outfit who initially demanded $240 million in ransom.
Customers Impacted: Unknown
How it Could Affect Your Business: Operational disruption from a ransomware attack is just as likely as data theft and sometimes even more damaging.
Australia – mySA Gov
https://securityaffairs.co/wordpress/123861/cyber-crime/cream-finance-cyber-heist-130m.htmlExploit: Hacking
mySA Gov: Government Services Platform
Risk to Business: 1.595 = Extreme
South Australia’s Department for Infrastructure and Transport confirmed that mySA Gov accounts were compromised through a cyber attack. Officials went on to say that the hackers gained access to several mySA Gov accounts that were secured with recycled passwords. The department went on to say that there was no evidence of any unauthorized transactions on the impacted accounts while encouraging users to update their passwords.
Individual Risk: 1.595 = Extreme
A report from ABC says that 2,601 mySA Gov accounts were accessed in the attack, with 2,008 of them containing registration and licensing information. It is unclear if any information was exfiltrated.
How it Could Affect Your Business: Cybercriminals are always hungry for PII, especially identification card or passport data that can help them commit identity theft.
About the author
