Atalanta

https://portswigger.net/daily-swig/us-food-importer-atalanta-admits-ransomware-attack

Exploit: Ransomware

Atalanta: Food Importer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.616= Severe

Imported foods outfit Atalanta has admitted that it suffered a data breach involving employees’ personal information as the result of a ransomware attack in July 2021. An investigation concluded that information related to Atalanta’s current and former employees and some visitors was accessed and acquired by an unauthorized party. Atalanta is North America’s largest privately-held specialty food importer. No details were offered by the company about how many records were exposed and what personal information they contained.

Individual Impact: No details were offered by the company about how many records were exposed and what personal information they contained.

Customers Impacted: Unknown

How It Could Affect Your Business: Data breach risk has become especially nasty as cybercriminals look to distributors and service providers who may maintain large stores of data for a quick score.

 

 

Cox Communications

https://www.bleepingcomputer.com/news/security/cox-discloses-data-breach-after-hacker-impersonates-support-agent/

Exploit: Phishing (Vishing)

Cox Communications: Digital Cable Provider

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.773=Severe

Cox Communications has disclosed a data breach after a hacker impersonated a support agent to gain access to customers’ personal information. The story goes that on October 11th, 2021, a bad actor impersonated a Cox support agent by phone to gain access to customer information. Cox is the third-largest cable television provider in the US with around 3 million customers.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.813=Severe

Customers may have had information material to their Cox account exposed including name, address, telephone number, Cox account number, Cox.net email address, username, PIN code, account security question and answer, and/or the types of services that they receive from Cox.

Customers Impacted: 3 million

How It Could Affect Your Business: Vishing has been gaining popularity as employees handle fewer phone calls, making them more likely to take the ones they do get seriously. This is the same method of attack that was used in the 2020 Twitter hack.

 

 

The Virginia Division of Legislative Automated Systems (DLAS)

https://apnews.com/article/technology-legislature-executive-branch-virginia-ralph-northam-8adc7aa73b93c91b0687b741b6acd202

Exploit: Ransomware

The Virginia Division of Legislative Automated Systems (DLAS): Government Technology Services

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.318=Extreme

A ransomware attack has hit the division of Virginia’s state government that handles IT for agencies and commissions within the Virginia legislature. Hackers accessed the agency’s system late Friday, then deployed ransomware. A ransom demand was received on Monday. A Virginia state official told CNN that DLAS was shutting down many of its computer servers in an attempt to stop the spread of ransomware. No information was available at press time about the amount of the ransom demand or what if any data was stolen. AP reports that this attack is the first recorded on a state legislature.

Individual Impact: No consumer/employee PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: In an ultra-competitive sector like crypto, customers will be watching every move a company makes, especially if it could potentially cost them money.

 

 

Kronos Ultimate Group

https://www.bostonglobe.com/2021/12/14/business/businesses-face-payroll-scheduling-woes-after-ransomware-attack-kronos/

Exploit: Ransomware

Kronos Ultimate Group: Payroll Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.619= Severe

HR management company Ultimate Kronos Group has been hit by a ransomware attack that could have devastating ongoing repercussions. The company’s Kronos Workforce Central was paralyzed in the attack. That prevents its clients, including heavyweights like Tesla and Puma, from processing payroll, handling timesheets and managing their workforce. Kronos first became aware of unusual activity on Kronos Private Cloud on Saturday evening. The company’s blog says that it is likely the issue may require several weeks to resolve.

Individual Impact: No consumer/employee PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted:

How it Could Affect Your Business: Once again, cybercriminals choose a target that offers them a huge stash of data, especially valuable personal and financial information.

 

 

United Kingdom – SPAR Convenience Stores

https://www.infosecurity-magazine.com/news/cyberattack-closes-uk-convenience/

Exploit: Ransomware

SPAR Convenience Stores: Convenience Store Chain

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.412= Extreme

UK convenience store chain SPAR fell victim to a cyberattack that impacted operations at a store level. SPAR has around 2600 stores located across the UK. The suspected ransomware attack impacted 330 SPAR locations primarily located in the north of England. Those stores were left unable to process payments made using credit or debit cards for a time. The attack also prevented the stores from using their accounting or stock control systems. Some of the affected shops remain closed in the wake of the attack, but some have reopened accepting only cash payments. An investigation is ongoing.

Individual Impact: No consumer or employee PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

 

 

Sweden – Volvo Cars

Exploit: Hacking

Volvo Cars: Automotive Manufacturer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.112 = Severe

Swedish automotive company Volvo announced that hackers had violated its network and made off with valuable research and development data in a cyberattack. The company went on to say that its investigation confirmed that a limited amount of the company’s R&D property was stolen during the intrusion, but no other data was accessed. The company was quick to assure Volvo owners that there would be no impact on the safety or security of their cars or their personal data.

Individual Impact: No consumer or employee PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Research and development data is a niche market on the dark web that can be very profitable for the bad guys.

 

 

Germany – Hellmann Worldwide Logistics

https://www.zdnet.com/article/german-logistics-giant-hellmann-reports-cyberattack/

Exploit: Ransomware

Hellmann Worldwide Logistics: Transportation Logistics Firm

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.7684 = Severe

Hellmann Worldwide Logistics reported a cyberattack this week that packed a punch. The company said that a cyberattack, suspected to be ransomware, caused them to have to temporarily remove all connections to their central data center. Hellmann said its Global Crisis Taskforce discovered the attack but outside cybersecurity experts were brought in to help with the response.  The company serves clients in 173 countries, running logistics for a range of air, sea, rail and road freight services.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Transportation companies have been squarely in cybercriminals’ sights since the start of the global pandemic, upping risk for businesses in that sector.

 

 

France – Régie Autonome des Transports Parisiens (RATP)

https://www.infosecurity-magazine.com/news/french-transport-giant-exposes/

Exploit: Misconfiguration

Régie Autonome des Transports Parisiens (RATP): Transportation Authority

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.723 = Severe

A state-owned French transportation giant is in hot water after exposing personal information for nearly 60,000 employees via an unsecured HTTP server. Researchers discovered the server on October 13 left open and accessible to anyone. It contained an SQL database backup dating back to 2018 with over three million records. This featured the details of 57,000 RATP employees — including senior executives and the cybersecurity team. Source code related to RATP’s employee benefits web portal was also exposed with API keys that enabled access to the sensitive info about the website’s backend and RATP’s GitHub account.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.723 = Severe

The exposed employee data includes full names, email addresses, logins for their RATP employee accounts and MD5-hashed passwords.

Customers Impacted: Unknown

How it Could Affect Your Business: This error could have been prevented and the resulting incident will not be cheap to fix after GDPR regulators get finished slapping down penalties.

 

 

Singapore – AscendEX

https://www.coindesk.com/business/2021/12/13/crypto-exchange-ascendex-hacked-losses-estimated-at-77m/

Exploit: Hacking

AscendEX: Cryptocurrency Trading Platform

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.223 = Extreme

Cryptocurrency exchange AscendEX suffered a hack for an estimated $77 million following a breach of one its hot wallets. The company announced the hack on Twitter, saying that it had identified a number of unauthorized transactions from one of its hot wallets on Saturday. Blockchain analytics firm PeckShield estimated that the stolen funds amounted to $77 million spread across three chains: Ethereum ($60 million), Binance Smart Chain ($9.2 million) and Polygon ($8.5 million). The largest share of the $77 million was accounted for by the relatively minor taraxa (TARA) with $10.8 million, while the combined shares of stablecoins USDT and USDC accounted for $10.7 million. The Singapore-based exchange, which was formerly known as BitMax, claims to serve one million institutional and retail clients.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Business: Crypto and DeFi platforms have been getting hit right and left by bad actors looking for a quick payday, with major attacks every week for the last month.

 

 

Australia – Frontier Software

https://www.zdnet.com/article/south-australian-government-employee-data-taken-in-frontier-software-ransomware-attack/

Exploit: Ransomware

Frontier Software: Payroll Services Technology Provider

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.323 = Severe

South Australia’s state government announced that state government employee data has been exfiltrated as part of a ransomware attack on payroll provider Frontier Software. The company has informed the government that at least up to 80,000 government employees and 38,000 employees of other businesses may have had their data snatched by bad actors in the November 13 incident.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.401 = Severe

The stolen employee data contained names, dates of birth, tax file numbers, home addresses, bank account details, employment start dates, payroll period, remuneration, and other payroll-related information.

Customers Impacted: Unknown

How it Could Affect Your Business: The second appearance of a payrolls services firm this week is a reminder that these companies store exactly the kind of data that is cybercriminals catnip.