"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 11/22/23 – 11/28/23

Breach-1

This week: Two water utilities are hit by ransomware, and more MOVEit data breaches come to light.

 

 

Fidelity National Financial (FNF)

https://www.theregister.com/2023/11/23/blackcat_ransomware_fnf/

Exploit: Ransomware

Fidelity National Financial (FNF): Insurer 

1.51 – 2.49 = Severe Risk

 

Risk to Business: 1.617 = Severe

The ALPHV/BlackCat cybercrime group says that it is responsible for a ransomware attack on Fortune 500 company Fidelity National Financial (FNF). The company confirmed the hack in a filing with the U.S. Securities and Exchange Commission (SEC), saying it had been forced to shut down a number of systems because of a cyberattack. Specifically, the company said that its title insurance, escrow and other title-related services, mortgage transaction services and technology to the real estate and mortgage industries had been impacted by the attack. FNF completed its SEC filing on November 19, and ALPHV/BlackCat claimed the attack on November 22. 

How It Could Affect Your Business: Financial services companies have been high on cybercriminal hit lists since 2020.


 

Welltok

https://www.bleepingcomputer.com/news/security/welltok-data-breach-exposes-data-of-85-million-us-patients/

Exploit: Hacking

Welltok: Software Service Provider 

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.291 = Severe

Healthcare Software-as-a-Service (SaaS) company Welltok has disclosed that it experienced a data breach thanks to the MOVEit file transfer exploit. The company said that its MOVEit transfer server was breached on July 26, 2023, exposing the personal data of nearly 8.5 million patients in the U.S. Patient data exposed during the breach, included full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information. The breach impacted institutions in various states, including Minnesota, Alabama, Kansas, North Carolina, Michigan, Nebraska, Illinois and Massachusetts.  

How It Could Affect Your Business: The interconnection of businesses means that cybercriminals will continue to find new zero-day exploits.


 

AutoZone

https://www.bleepingcomputer.com/news/security/auto-parts-giant-autozone-warns-of-moveit-data-breach/

Exploit: Hacking

AutoZone: Automotive Parts Retailer

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.803 = Severe

AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Cl0p MOVEit file transfer attacks. AutoZone has disclosed that it suffered a data breach on or about August 15, 2023, resulting in the compromise of data of 184,995 people. The company noted in a filing that after a three-month investigation, it determined that a mix of proprietary, employee and customer data had been stolen including employee names and Social Security numbers.  

How It Could Affect Your Business: Companies need to take smart precautions to protect their data from exploits like this one.


 

Idaho National Laboratory (INL)

https://cyberscoop.com/idaho-national-laboratory-siegedsec/

Exploit: Hacking

Idaho National Laboratory (INL): Nuclear Research Laboratory

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.440 = Extreme

SiegedSed, a hacktivist collective that claims to be made up of “furries” says that it has stolen an assortment of data from the Idaho National Laboratory (INL). Officials at INL confirmed that it has experienced a data breach after bad actors infiltrated its Oracle HCM system. The exposed data belongs to employees of the facility and includes employees’ full names, dates of birth, email addresses, phone numbers, Social Security Numbers (SSN), physical addresses and employment information. INL has been in touch with the U.S. Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to investigate. 

How It Could Affect Your Business: Hacktivists are highly motivated attackers who will quickly find any security weaknesses.


 

The Municipal Water Authority of Aliquippa

https://www.cbsnews.com/pittsburgh/news/municipal-water-authority-of-aliquippa-hacked-iranian-backed-cyber-group/

Exploit: Nation-State Attack

The Municipal Water Authority of Aliquippa: Regional Government Agency

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.673 = Severe

The Municipal Water Authority of Aliquippa, Pennsylvania says that an Iranian hacker group took control of one of its booster stations last weekend. The group calls itself Cyber Av3ngers and claims that it targeted the facility because it contains equipment from an Israeli company. Officials were quick to assure the public that an alarm sounded immediately, enabling them to prevent any impact on the water supply to Raccoon and Potter Townships. The incident is under investigation. The group claims to have hacked 10 water stations in Israel.

How it Could Affect Your Business: Municipal governments and state government agencies have been prime targets for cyberattacks.


 

Ardent Health Services

https://www.fiercehealthcare.com/health-tech/ardent-health-services-hit-ransomware-attack-forcing-hospital-ers-divert-ambulances

Exploit: Ransomware

Ardent Health Services: Healthcare Provider

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.216 = Extreme

A Thanksgiving weekend ransomware incident at healthcare company Ardent Health Services has left hospitals scrambling and ambulances diverted from medical facilities in three states. Those facilities include a 263-bed hospital in downtown Albuquerque, New Mexico, a 365-bed hospital in Montclair, New Jersey, and a network of several hospitals in East Texas. Ardent said that it was forced to take its network offline to combat the attack. That knocked out user access to its information technology applications, including corporate servers, Epic software, internet and clinical programs. Other Ardent-operated facilities have felt various impacts. News outlets are also reporting that Ardent did not discover the attack itself. Instead, the company warned of malicious cyber activity affecting its computer systems by CISA on November 22.  

How it Could Affect Your Business: Holiday weekends are prime time for bad actors to get to work mounting ransomware attacks.


 

Brookfield Global Relocation Services (BGRS)

https://www.ctvnews.ca/canada/current-and-former-public-service-rcmp-military-members-affected-by-data-breach-federal-government-warns-1.6651343

Exploit: Hacking

Brookfield Global Relocation Services (BGRS): Moving Company

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.891 = Severe

Canada’s federal government is warning current and former public service employees and members of the Canadian Armed Forces and Royal Canadian Mounted Police that their personal and financial information may have been exposed in a data breach. Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, companies that hold government contracts to provide relocation support, informed the Government of Canada that they’d both been hacked in October 2023. The data breach may include any personal and financial information that employees provided to the companies as early as 1999. The Government of Canada acted quickly, saying in a statement that services such as credit monitoring or reissuing valid passports that may have been compromised will be provided to individuals impacted by this data breach.

How it Could Affect Your Business: These two hacks resulted in a wealth of very profitable data for the bad actors and a headache for the Canadian government


 

France – Service public de l’assainissement francilien (SIAAP)

https://therecord.media/paris-wastewater-agency-hit-cyberattack

Exploit: Ransomware

Service public de l’assainissement francilien (SIAAP): Utility

cybersecurity news represented by agauge showing severe risk

 

Risk to Business: 1.802 = Severe

The organization that manages wastewater for nine million people in and around Paris was hit with a cyberattack last week. Service public de l’assainissement francilien (SIAAP) said that it worked since Wednesday to secure industrial systems and close off all external connections in order to prevent the suspected ransomware attack from spreading. An emergency order has been issued authorizing officials at the organization to hire outside cybersecurity firms and purchase any equipment necessary to recover or restore systems. The incident remains under investigation.

How it Could Affect Your Business: Cyberattacks against utilities can be very alarming and can lead to serious infrastructure problems.


 

The Week in Breach News: 11/29/23 – 12/05/23
The Week in Breach News: 11/15/23 – 11/21/23

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.