Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Exploit: Social Engineering
Riot Games: Video Games Company
Risk to Business: Riot Games has experienced a data breach that has impacted its release schedule for game patches. Riot is the video game developer and publisher behind the popular games League of Legends and Valorant. A company spokesperson said that systems in their development environment had been compromised as the result of a social engineering attack. The company said that there’s no indication that player data or personal information was obtained. However, the incident has impacted its ability to deliver game content and may delay future game updates. The incident is under investigation.
How it Could Affect Your Customers’ Business: Intellectual property and proprietary data are also attractive targets for cybercriminals.
NextGen Healthcare: Medical Records Software Company
Risk to Small Business: NextGen Healthcare is the latest company to fall victim to a AlphV/BlackCat ransomware attack. The company, a major provider of electronic health record (EHR) software and practice management systems, was added to the AlphV/BlackCat group’s dark web leak site last week. NextGen serves hundreds of the biggest hospitals and clinics in the U.S., U.K., India and Canada. The company said that the incident is under investigation. No information was available about any ransom demands at press time.
How it Could Affect Your Customers’ Business: The penalties that healthcare business services companies face for a data breach are just as steep as for a healthcare provider.
Yum! Brands: Fast Food Corporation
Risk to Small Business: Fast food giant Yum! Brands fell victim to a ransomware attack that caused the temporary closure of 300 locations in the United Kingdom. Yum! Brands oversees the KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill fast-food restaurant chains. The company did not name the gang involved or offer details about any ransom demands. Yum! Brands said that upon discovery of the problem, it initiated an incident response that involved closing Uk stores briefly, but that the impacted UK stores have reopened. Yum! Brands disclosed that data was stolen in the attack but said that the company does not see evidence that customer information has been exposed.
How it Could Affect Your Customers’ Business: Ransomware can lead to severe business impacts like closures and loss of business that cause major revenue damage.
Exploit: Credential Stuffing
PayPal: Electronic Payments Processor
Risk to Small Business: PayPal is notifying thousands of users that their accounts may have been accessed through a credential stuffing attack. The company said that this attack occurred between December 6 and December 8, 2022. By December 20, 2022, PayPal’s investigation uncovered that unauthorized third parties logged into the accounts with valid credentials. The company maintains that this intrusion was not due to a breach on its systems and says that it has no evidence that the user credentials were obtained directly from Paypal. The company has notified 34,942 users that their accounts may have been impacted by the incident. Hackers may have had access to account holders’ full names, dates of birth, postal addresses, social security numbers and individual tax identification numbers. Transaction histories as well as connected credit or debit card details and PayPal invoicing data are also accessible on PayPal accounts and may have been exposed.
How it Could Affect Your Customers’ Business: Even big companies can get into hot water over stolen or recycled credentials.