InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
The Week in Breach News: 12/01/21 – 12/07/21
Planned Parenthood
https://www.washingtonpost.com/nation/2021/12/01/los-angeles-planned-parenthood-hack/
Exploit: Ransomware
Planned Parenthood: Healthcare Provider
Risk to Business: 1.616 = Severe
Bad actors gained access to the personal information of an estimated 400,000 patients of Planned Parenthood in Los Angeles this past October in a probable ransomware attack. A spokesperson said that someone gained access to Planned Parenthood Los Angeles’ network between October 9 and 17, deployed and exfiltrated an undisclosed number of files. The breach is limited to the Los Angeles affiliate and an investigation is underway.
Risk to Business: 1.703 = Severe
PPLA told clients that PII and PHI had been exposed including the patient’s name, address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescriptions.
How It Could Affect Your Business: Medical information is valuable, especially sensitive information like this that can be used for both cybercrime and blackmail, and patients expect that healthcare providers will protect it.
Gale Healthcare Solutions
https://www.zdnet.com/article/sensitive-information-of-30k-florida-healthcare-workers-exposed-in-unprotected-database/
Exploit: Misconfiguration
Gale Healthcare Solutions: Healthcare Job Placement
Risk to Business: 1.611 = Severe
More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password-protected database owned by Gale Healthcare Solutions, a Florida-based healthcare staffing provider. Files containing the PII of healthcare workers that the company placed were hosted on an unsecured AWS cloud server that was uncovered by security researchers in September. Gale Healthcare Solutions says that the environment has been deactivated and secured. The company also says that there is no evidence there was any further unauthorized access beyond the researcher or that any personal data has been, or will be, misused.
Individual Risk: 1.813 = Severe
Researchers reported that the files they saw contained a healthcare worker’s face image or ID badge, full name and a number consistent with an SSN. Other personal data about the impacted workers may also have been exposed.
How It Could Affect Your Business: This mistake will be expensive, and coveted healthcare workers may be inclined to choose a different staffing agency because of this carelessness.
MonoX
https://www.hackread.com/hackers-steal-badger-defi-monox/
Exploit: Hacking
MonoX: Cryptocurrency Finance
Risk to Business: 1.318 = Extreme
The MonoX DEX platform has experienced a breach that did damage to the tune of $31 million. Hackers exploited a vulnerability in smart contract software, used it to increase the price of MONO through smart contracts, and then bought assets with MONO tokens. DeFi platform Badger was also reportedly hit by hackers for $120 million last week after they gained access by targeting a protocol on the Ethereum network.
Customers Impacted: Unknown
How It Could Affect Your Business: In an ultra-competitive sector like crypto, customers will be watching every move a company makes, especially if it could potentially cost them money.
DNA Diagnostics Center
Exploit: Ransomware
DNA Diagnostics Center: Healthcare Services
Risk to Business: 1.819 = Severe
DNA Diagnostics Center said that on August 6, the company discovered that there had been unauthorized access to its network that enabled someone to access and exfiltrate an archived database that contained patient PII collected between 2004 and 2012. The Ohio-based company says that 2,102,436 people had their information exposed. Victims may have been ordered to undergo genetic testing as part of a legal matter.
Individual Risk: 1.617 = Severe
The company is sending letters to impacted individuals warning them that they may have had their PII and sensitive data such as Social Security number or payment information exposed. Anyone whose personal information was accessed is being offered Experian credit monitoring.
How it Could Affect Your Business: Companies that store two kinds of valuable data like this are at high risk for an expensive and damaging ransomware incident that will have lasting financial results.
United Kingdom – BitMart
https://portswigger.net/daily-swig/crypto-exchange-bitmart-reports-150-million-theft-following-hack
Exploit: Hacking
BitMart: Cryptocurrency Exchange
Risk to Business: 1.212 = Extreme
Cryptocurrency trading platform BitMart has been hacked, resulting in the loss of an estimated $150 million in funds. PortSwigger reports that blockchain security firm PeckShield has estimated losses of around $200 million following an attack on the platform on Saturday (December 4), comprising $100 million on the Ethereum blockchain and $96 million on the Binance Smart Chain. BitMart said in a statement that it was temporarily suspending withdrawals until further notice after detecting a large-scale security breach centered on two ‘hot’ wallets. BitMart claims that it has more than nine million customers across more than 180 countries.
Customers Impacted: Unknown
How it Could Affect Your Business: Crypto platforms have been squarely in cybercriminals’ sights in the last few months and consumers are watching to see which ones are able to avoid trouble.
Japan – Panasonic
https://www.securitymagazine.com/articles/96615-panasonic-discloses-data-breach
Exploit: Hacking
Panasonic: Electronics Manufacturer
Risk to Business: 1.919 = Severe
Panasonic has confirmed that it’s had a security breach after unauthorized users accessed its network on November 11. The company says that an internal investigation revealed that some data on a file server had been accessed by intruders. No information was given about what data was accessed or how much. Panasonic says that it is working with an outside firm to get to the bottom of the matter and expressed its apologies for the incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Large companies are treasure troves for data-hungry cybercriminals looking for a quick, low-risk score to turn over for fast profit.
Australia – CS Energy
https://www.itpro.co.uk/security/ransomware/361687/cs-energy-ransomware-attack
Exploit: Ransomware
CS Energy: Energy Company
Risk to Business: 1.723 = Severe
CS Energy confirmed it experienced a ransomware attack on November 27. The company said the incident was limited to its corporate network and did not impact operations at its Callide and Kogan Creek power stations. CS Energy’s CEO said that the company contained the ransomware attack by segregating the corporate network from other internal networks and enacting business continuity processes. CS Energy is owned by the Queensland government.
Customers Impacted: Unknown
How it Could Affect Your Business: Utility companies and other critical infrastructure businesses are tempting targets for cybercriminals because their essential nature makes the owners more likely to pay a ransom.