"Your Information Technology Leader"

Client Portal Payment Portal

Blog

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Categories
Tags
Categories:   All Categories
Suggested keywords
x

The Week in Breach News: 12/07/22 – 12/13/22

Breach-5

Sequoia

https://www.wired.com/story/sequoia-hr-data-breach/

 

Exploit: Hacking
Sequoia: Payroll & Benefits Management Company





Risk to Business: 2.176 = Severe
California-based major business services company Sequoia, known for their Sequoia One payroll services, has disclosed that they’d detected unauthorized access to one of the company’s cloud storage repositories containing an array of sensitive and personal data. The company says it occurred between September 22 and October 6. The company noted that investigators from Dell SecureWorks did not find evidence of malware in its network and did not find any compromised computers or servers in Sequoia’s infrastructure.





Risk to Business: 2.131 = Severe
Sequoia’s breached cloud system stored an array of sensitive personal data, including names, addresses, dates of birth, gender, marital status, employment status, Social Security numbers, work email addresses, wage data related to benefits, and member IDs as well as any other ID cards, Covid-19 test results, and vaccine cards that individuals uploaded to the employment system.

How It Could Affect Your Business: Business services companies, especially those that store large amounts of sensitive data, are tempting targets for cybercriminals

Acuity Brands

https://www.securityweek.com/lighting-giant-acuity-brands-discloses-two-data-breaches

 

Exploit: Hacking

 


Acuity Brands: Lighting & Building Services



cybersecurity news gauge indicating extreme risk


Risk to Business: 1.227 = Extreme
Acuity Brands has disclosed that it has had not just one but two previously unannounced data breaches in the last few years. The company says that it became aware of unauthorized access to its systems that resulted in data theft in early December 2021. While undertaking that investigation, Acuity also discovered that they’d had a separate, unrelated breach in October 2020, which also involved attempts to copy files from compromised systems. SecurityWeek said that they’ve found evidence that the 2021 attack may have been carried out by the notorious now-defunct Conti ransomware group. Acuity said that it had initially customers and partners about the breach in December 2021, and that this new notification is a follow-up for impacted employees. Employee data was accessed in both incidents. The company is likely facing a class-action lawsuit related to the incident in California.


cybersecurity news gauge indicating extreme risk


Individual Risk: 1.207 = Extreme
In this incident, immigrants’ names, case status, detention locations, and other information was published on a page where ICE regularly publishes detention statistics.

How It Could Affect Your Business: A cascade of damage can follow in the wake of a data breach, like expensive legal trouble.
 

The Metropolitan Opera

https://www.nytimes.com/2022/12/07/arts/met-opera-cyberattack-website.html/

 

Exploit: Hacking

 


The Metropolitan Opera: Arts Organization



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.981 = Severe
The Metropolitan Opera in New York City experienced a cyberattack that disrupted its ability to sell tickets. The company’s website and box office were affected. The New York Times reported an outage of 30 hours. However, that didn’t stop the show, with performances continuing as scheduled. There has been no announcement that this was a nation-state cyberattack, but the newspaper noted that The Met has been outspoken in its support for Ukraine throughout the Russia-Ukraine conflict, including parting ways with a leading Russian singer and hosting a benefit for Ukraine relief.

How It Could Affect Your Business: Bad actors love to hit businesses that are impacted by a time crunch in the hope of scoring a big payday.

 

The California Department of Finance

https://www.cyberscoop.com/lockbit-ransomware-california-department-of-finance/

 

Exploit: Ransomware

 


The California Department of Finance: Government Agency



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.981 = Severe
The LockBit 2.0 ransomware group says that it has snatched 76 gigabytes of data from the California Department of Finance. The agency has been added to the group’s leak site with a deadline of December 24 to pay the unspecified ransom. The group claims that it has stolen a wide variety of data including databases, confidential data, financial documents and court records, providing seven screenshots of the data as proof. The California Governor’s Office of Emergency Services did confirm that the California Cybersecurity Integration Center (Cal-CSIC) is actively investigating a cybersecurity incident at the agency but did not offer any further comment.

How It Could Affect Your Business: Government agencies are ripe ransomware targets because they maintain huge stores of often sensitive data.

 

Amnesty International

https://www.securityweek.com/amnesty-international-canada-says-it-was-hacked-beijing

 

Exploit: Nation-State Cyberattack
Amnesty International: Non-Profit Organization



cybersecurity news represented by agauge showing severe risk


Risk to Business: 2.107 = Severe
The Canadian arm of the human rights organization Amnesty International said that it was recently the victim of a cyberattack sponsored by China. The organization said that it first detected the security breach on October 5. Officials said that said the searches that attackers made in their systems were specifically and solely related to China and Hong Kong, as well as a few prominent Chinese activists. Amnesty International disclosed that the hack left the organization offline for nearly three weeks.

How it Could Affect Your Business: Nation-state cyberattacks are hitting organizations that you may not expect these days.
 

France – Intersport

https://techmonitor.ai/technology/cybersecurity/intersport-cyberattack

 

Exploit: Ransomware

 


Intersport: Retailer



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.882 = Severe
French sports equipment company Intersport has fallen victim to a ransomware attack by the Hive cybercrime group. The group allegedly snatched data about Intersport’s customers in the Hauts-de-France region were primarily impacted, but some clients in other areas, including the central Île-de-France, were also at risk. Intersport has more than 700 outlets. Allegedly, the company was given an unusual same-day deadline to pay the extortionists.

How it Could Affect Your Business: Tis the season for retailers to get hit by cyberattacks and cybercriminals snatch up valuable data.

 

Belgium – The City of Antwerp

https://www.bleepingcomputer.com/news/security/antwerps-city-services-down-after-hackers-attack-digital-partner/
Exploit: Ransomware

 


The City of Antwerp: Municipal Government



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.904 = Severe
The city of Antwerp, Belgium, suffered a disruption to many public services after bad actors obtained access to its network through a cyberattack on its digital provider Digipolis. Phone and email systems were widely disrupted at city agencies. Schools, daycares, senior care, health services and other city services were impacted. The city’s police also experienced outages. Antwerp’s mayor said that the impact could last until the end of December. the Play ransomware group has claimed responsibility for the attack.

How it Could Affect Your Business: Bad actors have been having a field day hitting small and large local government entities worldwide.

Australia – Telstra

https://www.bankinfosecurity.com/australian-telecom-firm-leaks-data-130000-customers-a-20681

 

Exploit: Misconfiguration
Telstra: Telecommunications Company



cybersecurity news represented by agauge showing severe risk


Risk to Business: 2.103 = Severe
Another breach at telecom Telstra has left the information of over 130,000 customers whose details were supposed to be unlisted exposed. The company pointed to a “misalignment of databases” as the cause behind the incident, which made the name, address and phone numbers of customers who had requested to be unlisted available via Directory Assistance or the White Pages. Telstra says that it has partnered with IDCARE to develop a response plan and offer affected individuals support. Telstra also suffered a security breach in October that exposed the personal data of an estimated 30,000 past and present Telstra employees days after the massive Optus incident.

How it Could Affect Your Business: One breach is bad enough, but two blunders so close together is going to be very disheartening to consumers.

 

The Week in Breach News: 12/14/22 – 12/20/22
The Week in Breach News: 11/30/22 – 12/06/22

About the author

Bruce Groen

Bruce Groen

Bruce Groen is the CEO and co-founder of InTegriLogic Corp.

Author's recent posts

More posts from author

Customer Login

News & Updates

InTegriLogic launches new website!
InTegriLogic is proud to announce the launch of our new website at www.integrilogic.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...
Read More

Contact us

Learn more about what InTegriLogic can do for your business.

InTegriLogic
1931 W Grant Road suite 310
Tucson, Arizona 85745

Copyright InTegriLogic. All Rights Reserved.