Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
North Orange County Community College District
Exploit: Ransomware
North Orange County Community College District: Institution of Higher Learning
Risk to Small Business: North Orange County Community College District in California has been notifying more than 19,000 people about a data security incident. A statement on the school’s website disclosed that Cypress College and Fullerton College in the NOCCCD system experienced a ransomware attack in March 2022. The notice was also posted to the website for Fullerton College for International Students and the Cypress College on-campus Dental Hygiene Clinic, but no confirmation that students in these locations were impacted.
How it Could Affect Your Business: Schools have been a favorite target of bad actors and school system databases are popular targets because they often hold big stores of information.
Somerset County Government
Exploit: Ransomware
Somerset County Government: Local Government
Risk to Small Business: The government of Somerset County, New Jersey with an estimated population of about 350,000, announced on Tuesday that a ransomware attack had caused some systems outages. The county government said that its email system was down. County offices were using temporary Gmail accounts to enable residents to contact critical departments such as the County Commissioners, Health, Emergency Operations, the County Clerk, Sheriff and Surrogate. The county says that it expects the outages to continue for a week. The County Clerk’s office also disclosed that it has been rendered unable to provide most services that require internet access, including gaining access to land records, vital statistics, probate records and title searchers before 1977 In response, the county has activated its Emergency Operations Center and Continuity of Operations of Government Plan.
How it Could Affect Your Business: Governments have been high on the cybercriminal’s shopping list since they tend to have big data stores.
Verizon
Exploit: Hacking
Verizon: Wireless Network Provider
Risk to Small Business: Verizon has announced that hackers obtained access to a database. The hacked database includes the full name, email address, corporate ID numbers, and phone number of hundreds of Verizon employees. According to reports, the hacker contacted Verizon to ask for an extortion payment of $250,000 to prevent the release of the stolen data. Verizon has said that they do not plan to pay.
How it Could Affect Your Business: Data security must be a priority for protecting employee PII as well as customer PII.
General Motors (GM)
Exploit: Credential Stuffing
General Motors (GM): Automobile Manufacturer
Risk to Small Business: General Motors (GM) has announced that it was hit by a credential stuffing attack last month that exposed customer information. GM said that they detected the malicious login activity between April 11-29, 2022, and that hackers obtained access through credential stuffing. GM said in a statement “We believe that unauthorized parties gained access to customer login credentials that were previously compromised on other non-GM sites and then reused those credentials on the customer’s GM account.” The bad actors also redeemed loyalty points from some customers’ accounts for gift cards.
How it Could Affect Your Business: Dark web data is a credential compromise hazard that can bite any business big or small leading to a data exposure disaster.