Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Microsoft: Software Company
Risk to Small Business: Microsoft confirmed that it inadvertently exposed information related to thousands of customers following a misconfiguration of Azure Blob Storage. The company said in a statement that the misconfiguration “resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services”. The misconfiguration of the Azure Blob Storage was spotted on September 24, 2022. Microsoft states that the exposed data included names, email addresses, email content, company name, and phone numbers and attached files relating to business “between a customer and Microsoft or an authorized Microsoft partner.”
How it Could Affect Your Business: Even the biggest companies can fall victim to human error and be stuck dealing with unpleasant consequences.
MedStar Mobile Healthcare
Medstar Mobile Healthcare: Ambulance Service
Risk to Small Business: Emergency medical services and ambulance company MedStar in Texas was hit by a cyberattack that impacted its ability to dispatch ambulances and respond to 911 calls. The attack occurred on October 20. The company said that they quickly isolated connected systems to assure the breach was quarantined. MedStar was forced to resort to manually dispatching calls over a public safety radio until they could determine that computer systems were secure. The company said it does not think that PHI like 911 call records was accessed by the attackers.
How it Could Affect Your Business: Ransomware is especially nasty in the healthcare sector because it leads to adverse patient outcomes.
United Kingdom – Kingfisher Insurance
Kingfisher Insurance: Insurer
Risk to Small Business: Kingfisher Insurance has been hit by a ransomware attack courtesy of LockBit 3.0. The cybercrime group claims to have lifted 1.4 terabytes of information from the company. That data may include the personal data of employees and customers. The gang has demanded that Kingfisher pay the unspecified ransom by November 28 to avoid having the data published. The gang released a sample of the stolen data as proof including information from management system accounts and passwords from Workaday and Access databases.
How it Could Affect Your Business: Ransomware practitioners are especially interested in service and supply chain businesses because of all the information they store.