The Week in Breach News: 12/13/23 – 12/19/23

Risk to Business: 2.617 = Moderate

The Rhysida ransomware gang says that it is behind a ransomware attack on Sony-owned Insomniac Games. The studio, creators of games starring Spider-man and Spyro the Dragon, confirmed that it was hit with ransomware that resulted in a data breach. Rhysida posted some of the stolen data as proof of the hack and is currently auctioning the full set for around $2 million in bitcoin. The assortment of data published includes details about Insomniac’s upcoming Wolverine game, scans of Insomniac employees’ passports and other proprietary data.

Risk to Business: 1.691 = Severe

The Fred Hutch Cancer Center near Seattle, WA, was hit by a ransomware attack that forced the healthcare provider to take many systems offline around December 1. The group Hunters International has added Fred Hutch to its dark web leak site, claiming to have snatched 533 GB of data. Area news outlets have reported that the gang had begun emailing patients who had their data stolen. The emails informed the victim that they were one of 800,000 people whose personal information had been stolen in the breach, and that the gang would remove the person’s information from the data they plan to sell or publish for $50. The allegedly stolen information includes a patient’s medical history, lab results and Social Security numbers. The Fred Hutch Cancer Center said in a statement that they are working with law enforcement to investigate the incident.

Risk to Business: 1.703 = Severe

ZeroedIn Technologies, a Maryland-based provider of human resources technology, has admitted that it has experienced a data breach. The company provides human resources analytics tool to major U.S. retailers including Dollar Tree and Family Dollar. The company said that an unauthorized party gained access to its computer network in August 2023, resulting in data exposure for current and former employees of those chains. An employee’s exposed data may include their name, date of birth and Social Security number.

Risk to Business: 1.840 = Severe

Delta Dental of California has announced that it has experienced a data breach stemming from the MOVEit file transfer exploit that impacts an estimated 12 million people. The insurer claims that it learned about the compromise on June 1, 2023. An investigation determined that bad actors had accessed and stolen data from its systems between May 27 and May 30, 2023. Insureds had their names, financial account numbers, and credit/debit card numbers, including security codes, exposed in the breach. Delta Dental of California provides 24 months of free credit monitoring and identity theft protection services to impacted patients.  

Risk to Business: 2.673 = Moderate

The London Public Library in Ontario is investigating a cyberattack that disrupted key operations systems. The attack resulted in the closure of three branch libraries and knocked out the library’s public computers as well as its digital borrowing service. The library website and electronic catalog were also disabled. Most library branches remained open, with books available to read or borrow in person. Library officials are asking the public to refrain from returning any borrowed materials while they attempt to recover from the attack.

Risk to Business: 1.136 = Extreme

In what is being described as the largest cyberattack so far in the ongoing conflict between Russia and Ukraine, top Ukrainian mobile phone company Kyivstar was hit by a cyberattack that took down its network, disrupting service to more than half of Ukrainians. The Russian hacking group Killnet has claimed responsibility for the attack. The outage put millions of people in danger of not receiving alerts of potential Russian air assaults as well as knocking out air raid alert systems in parts of Kyiv. No data was reported as stolen in the attack, which did not impact Ukraine’s military.  

Risk to Business: 1.601 = Severe

An estimated 10,000 people have had sensitive personal and healthcare data stolen in a cyberattack on Asper Biogene. Hackers made off with 33 GB of data including details related to paternity and fertility tests as well as testing for hereditary diseases. Stolen patient records contain individuals’ names, personal identification numbers as well as testing orders, test results and condition details. The company says that it has alerted law enforcement, the State Information System Agency (Riigi Infosüsteemi Amet) and the Data Protection Inspectorate of the incident. 

Risk to Business: 1.433 = Extreme

 Paris –based DeFi company Ledger has disclosed that a phishing attack led to a security breach that resulted in the loss of $484,000 in crypto for users. Bad actors were able to gain an employee’s credentials through phishing, enabling them to access Ledger’s network to publish a phony version of Ledger’s Connect Kit containing malicious code. The kit was supposedly available for about five hours. Ledger’s development and security teams were able to implement a solution within 40 minutes of learning about the intrusion, but the damage was already done.