Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Advocates
Exploit: Hacking
Advocates: Health & Social Services Non-Profit
Risk to Small Business: Advocates announced that it had been the victim of a cyberattack. A hacker gained access to the organization’s network in mid-September 2021. The attacker gained access to data tied to 68,000 clients served by Advocates and likely copied the data. The Massachusetts-based non-profit provides a range of services for individuals with autism, brain injuries, mental health, addiction, and other health conditions. Advocates is cooperating with the ongoing FBI investigation.
How it Could Affect Your Business: Companies that store large quantities of personal or medical information are prime targets for the bad guys.
Senate of Puerto Rico
Exploit: Hacking
Senate of Puerto Rico: State Legislative Body
Risk to Small Business: Puerto Rico’s Senate announced Wednesday that it was the target of a cyberattack that disabled its internet provider, phone system and official online page Senate President José Luis Dalmau said in a statement that there is no evidence that hackers were able to access sensitive information belonging to employees, contractors or consultants, although the incident is still under investigation.
How it Could Affect Your Business: Cyberattacks o government agencies have been ramping up in recent months without the impetus of added tension in Eastern Europe.
Kings County Public Health Department
Exploit: Misconfiguration
Kings County California Public Health Department: Local Government Agency
Risk to Small Business: Kings County, California announced that the security flaw in its public webserver made limited information on COVID-19 cases available on the internet. The misconfiguration has been chalked up to a negligent third-party contractor. Discovered in mid-November 2021, officials say that the flaw was in place starting on February 15, 2021 and was corrected on December 6, 2021.
How it Could Affect Your Business: Misconfiguration incidents due to employee or contractor negligence are just as expensive and damaging as cybercrime when regulators get finished with companies that have them.