Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
FinalSite
Exploit: Ransomware
FinalSite: Education Technology Provider
Risk to Small Business: School website services provider FinalSite has suffered a ransomware attack that disrupted access to websites for thousands of schools worldwide. FinalSite provides solutions for over 8,000 K – 12 schools and universities in 115 countries. school districts that hosted their websites with FinalSite found that they were no longer reachable or were displaying errors. Bleeping Computer reports that in addition to the website outages the attack prevented schools from sending closure notifications due to weather or COVID-19. FinalSite says that approximately 5,000 school websites went offline as a result of the ransomware attack and no data was stolen. An investigation is ongoing.
How it Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses.Broward Health
Exploit: Hacking
Broward Health: Hospital System
Risk to Small Business: Florida-based healthcare system Broward Health has disclosed a data breach affecting 1,357,879 individuals after an intruder gained unauthorized access to the hospital’s network and patient data. The organization discovered the breach four days after the initial intrusion and immediately notified the FBI and the US Department of Justice. Broward Health contracted a third-party cybersecurity expert to help with the investigations.
How it Could Affect Your Business: Medical data is always a win for cybercriminals and losing it is an expensive nightmare for hospitals once regulators are finished with them.
D.W. Morgan
Exploit: Hacking
D.W. Morgan: Logistics and Supply Chain Management
Risk to Small Business: Researchers at Website Planet uncovered a data breach at D.W. Morgan because of a misconfigured AW3 bucket. The exposed data included more than 2.5 million files equating to over 100GB of data related to D.W. Morgan’s clients and their shipments from 2013 to late 2021. Some files also included sensitive client data and employee PII. Website Planet revealed that records pertaining to deliveries for clients including Cisco, and Life Technologies was also exposed in files.
How it Could Affect Your Business: Service providers like this are goldmines for cybercriminals, amping up supply chain risk for everyone.
Ravkoo
Exploit: Hacking
Ravkoo: Pharmacy
Risk to Small Business: US-based online pharmacy Ravkoo has disclosed a data breach. The company disclosed that its AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed by unauthorized parties, resulting in the potential compromise of customers’ prescription and health information.
How it Could Affect Your Business: Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.