"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Week in Breach News: 11/30/22 – 12/06/22

Breach-4

LastPass

https://blog.lastpass.com/2022/11/notice-of-recent-security-incident/

Exploit: Hacking
LastPass: Software Company

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.106 = Extreme

LastPass has experienced a second data breach. The company disclosed in its blog that hackers used information obtained in the August 2022 LastPass breach to access customer information in third-party cloud storage shared with its corporate partner GoTo. LastPass specified that customers’ passwords it stores were unaffected and remain safely encrypted. It is unclear as whether or not clients of GoTo and LogMeIn were affected by this incident. All the brands involved said that the incident is under investigation and LastPass specified that it has engaged Mandiant as part of that effort. No specifics as to what information was exposed were available at press time.

How It Could Affect Your Business: Multiple breaches in one year can cause customers to lose faith in a company.

 

 

 
 
 

 

 

U.S. Immigration and Customs Enforcement (ICE)

https://www.businessinsider.com/more-than-6000-immigrants-affected-ice-data-leak-hours-2022-11

Exploit: Misconfiguration

U.S. Immigration and Customs Enforcement (ICE): Federal Government Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.121 = Severe

Personal information about more than 6,000 potential immigrants applying for refuge from possible torture or political persecution in the U.S. was exposed by ICE in a misconfiguration error. The data breach was first discovered by immigrant advocacy group Human Rights First. After the group reported the problem to ICE the leak was quickly corrected, but not before information about people seeking refuge from countries around the world including China, Iran and Russia was left unprotected and available to anyone for more than five hours. The agency determined that the data had been exposed accidentally as part of a website update. Unfortunately, the availability of the information may have exposed threatened people to danger.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.207 = Severe

In this incident, immigrants’ names, case status, detention locations, and other information was published on a page where ICE regularly publishes detention statistics.

How It Could Affect Your Business: This configuration error exposed very sensitive data and potentially put people at risk of harm.

 

 

 
 
 

 

 

Rackspace

https://www.bleepingcomputer.com/news/security/rackspace-confirms-outage-was-caused-by-ransomware-attack/

Exploit: Ransomware

Rackspace: Cloud Solutions Provider

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.652 = Severe

A ransomware attack forced Virginia-based cloud solutions provider Rackspace was forced to shut down its Hosted Exchange servers on December 2. The company disclosed that Rackspace’s Hosted Exchange service began experiencing problems on December 2 and told customers that the shutdown was the result of a security incident on December 3 that was later identified as ransomware. The company told customers to shift to Microsoft 365 for email services and is offering them free access. Rackspace gave no estimated timeline for the restoration of its Exchange services but cautioned customers that the outage was expected to be extended. A company statement said that the attack was confined to its Hosted Exchange servers. The incident is under investigation but Rackspace said that it is too early to tell if any data was accessed by the threat actors.

How It Could Affect Your Business: IT service providers have been experiencing extraordinarily high levels of ransomware as bad actors perpetrate supply chain attacks.

 

 

 
 
 

 

 

Durham District School Board

https://www.cp24.com/news/ddsb-recovering-from-cyber-attack-that-left-schools-without-access-to-email-or-emergency-contact-information-1.6170841

Exploit: Hacking

Durham District School Board: Regional Education Authority

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.107 = Severe

A school system in the greater Toronto area has experienced a major technical outage after a hacking incident. Durham District School Board said that the incident disrupted online learning for students and left schools without access to phone or email services as well as emergency contact information. The district the board oversees is responsible for public education across 136 elementary and secondary schools in the eastern Toronto area serving an estimated 74,000 students with over 7,000 teaching and educational services staff.

How it Could Affect Your Business: School systems and universities have been high on cybercriminal hit lists because bad actors know they can’t afford downtime.

 

 

 
 
 

 

 

Colombia – Keralty

https://www.bleepingcomputer.com/news/security/keralty-ransomware-attack-impacts-colombias-health-care-system/

Exploit: Ransomware

Keralty: Healthcare Provider

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.882 = Severe

Multinational healthcare group Keralty has disclosed that it has experienced a ransomware attack that has impacted the company and its subsidiaries EPS Sanitas and Colsanitas. The attack has disrupted IT operations including the scheduling of medical appointments and its websites. Reports say that patients were left waiting in lines for more than 12 hours to obtain treatment. The RansomHouse ransomware group has claimed responsibility. The cybercrime group claims to have snatched data in the incident but that is unconfirmed.

How it Could Affect Your Business: Not only does a cyberattack disrupt the business of a healthcare provider, it also dangerously impacts patient care.

 

 

 
 
 

 

 

Belgium – Zwijndrecht Police Department

https://www.bleepingcomputer.com/news/security/ransomware-gang-targets-belgian-municipality-hits-police-instead/

Exploit: Ransomware

Zwijndrecht Police Department: Law Enforcement Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.604 = Severe

The Zwijndrecht Police Department in Belgium has confirmed that it has experienced a data breach after an attack by the Ragnar Locker ransomware group. In an interesting twist to this story, the group initially posted to its dark website that it had successfully attacked the municipality of Zwijndrecht, but it turned out that the attack has actually been perpetrated against the city’s police department. The stolen data is reported to include thousands of car number plates, fines, crime report files, personnel details and investigation reports. No specifics about any demanded ransom were available at press time.

How it Could Affect Your Business: Law enforcement organizations hold some especially sensitive data and need especially strong protection against a data breach.

 

 

 
 
 

 

 

Australia – AGL Energy

https://www.9news.com.au/national/australian-energy-provider-agl-reports-cyber-incident-thousands-customers-impacted-account-lockdown/a725de83-b9cb-4a1d-9f5a-039b2ccc5900

Exploit: Hacking

AGL Energy: Energy Company

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.717 = Severe

The latest company victimized in the recent rash of cyberattacks o Australian companies is AGL Energy, Australia’s largest electricity provider. The company reported detecting suspicious activity on its platform on December 1. AGL said in a statement that it believed the incident was the result of bad actors obtaining reused customer credentials that had been stolen in other incidents. The energy provider disclosed that an estimated 6,00 customer accounts may have been impacted in this incident. Impacted customers were informed by mail and that federal government and relevant cyber security bodies have been notified of the incident.

How it Could Affect Your Business: Making a continuity plan is a smart move that will help Guadeloupe get out from under this disaster quickly.

 

 

 
 
 

 

 

New Zealand – Accuro

https://www.insurancebusinessmag.com/nz/news/cyber/accuro-hit-by-cyberattack-429430.aspx

Exploit: Hacking

Accuro: Health Insurance Provider

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.801 = Severe

A cyberattack on New Zealand health insurer Accuro has compromised its access to several of its core systems. The not-for-profit insurer says it has not yet determined if customer data was stolen in the incident. Accuro pointed to a cyberattack on its unnamed IT services provider as the root cause of the trouble and said that systems may be down for a protracted period. The company has notified the relevant regulatory authorities, including the Office of the Privacy Commissioner and CERT NZ.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.665 = Severe

The company has notified the relevant regulatory authorities, including the Office of the Privacy Commissioner and CERT NZ.

How it Could Affect Your Business: Companies in Australia and New Zealand have been experiencing a flood of cyberattacks recently.

 

 

 
 
 

 

The Week in Breach News: 12/07/22 – 12/13/22
The Week in Breach News: 11/23/22 – 11/29/22

Customer Login

News & Updates

InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.