Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Geographic Solutions Inc.
Exploit: Ransomware
Geographic Solutions Inc.: Software Company
Risk to Small Business: A ransomware attack on a major provider of software to state government agencies around the U.S. has resulted in website outages that impacted government services. Geographic Solutions provides workforce development, labor market information, and unemployment insurance software solutions to 35 U.S. states including Nebraska, Tennessee, Texas, Florida, North Carolina, California and Indiana. Labor department job search and unemployment program website outages left citizens and government officials scrambling. The company has engaged a third-party firm to help with the cleanup and most services have been restored.
How it Could Affect Your Business: A data security incident at a service provider can be a disaster for any business and it will be especially damaging for the healthcare clients involved here.
California Department of Justice
Exploit: Human Error
California Department of Justice: State Government Agency
Risk to Small Business: The California Department of Justice has disclosed a messy data breach courtesy of its Firearms Dashboard Portal. During an update in late June, user data for anyone who had applied for a concealed carry firearms permit from 2011 through 2021 using the site was exposed for an estimated 24 hours in an unsecured spreadsheet. Data was also exposed on several other state-maintained gun-related online dashboards, including the Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Safety Certificate and Gun Violence Restraining Order dashboards.
How it Could Affect Your Business: SMBs that handle, or store large amounts of data have been high on cybercriminal shopping lists, particularly in recent months.
Napa Valley Community College
Exploit: Ransomware
Napa Valley Community College: Institution for Higher Learning
Risk to Small Business: Napa Valley College has experienced a ransomware attack that resulted in its website and network systems being knocked offline. The incident, which started over two weeks ago, knocked systems including the college’s on-campus telephones and employee email accounts out, leaving social media and an athletic department website run on a separate network as the only communication channels for the college. Professors and staff have since had email restored. The college also announced that it will continue teaching summer-session classes both in-person and remotely using an online platform that includes email and communication with professors. The incident is under investigation.
How it Could Affect Your Business: The education sector has been hammered by cyberattacks for the last few years impacting schools at every level.
OpenSea
Exploit: Insider Threat
OpenSea: Non-Fungible Token Marketplace
Risk to Small Business: NFT giant OpenSea has had a data breach caused by an employee at a third-party service provider misusing their access to data. OpenSea announced last week that an employee of email vendor Customer.io, misused their employee access to download and share email addresses of OpenSea’s users and newsletter subscribers with an unauthorized external party. Customer.io told TechCrunch that the culprit was likely an employee who abused their role-specific access privileges and that no other company’s data was involved in this incident.
How it Could Affect Your Business: Finance sector organizations have been at the top of the cybercriminal hit list, especially crypto-related entities.
New Peoples Bank
Exploit: Hacking
New Peoples Bank: Financial Institution
Risk to Small Business: New Peoples Bank, a bank with branches in Virginia, West Virginia and Tennessee, has announced that it has experienced a data breach. An unauthorized person accessed bank systems on June 9, leading to data exposure for customers as well as disrupting banking and financial services. The bank is providing one year of free credit monitoring for impacted clients. Services have since been restored.
How it Could Affect Your Business: Banks of every size are a likely target of ransomware attacks and need to take extra security precautions.