Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Accelya
Exploit: Ransomware
Accelya: Airline Technology Services
Risk to Small Business: The AlphV/Black Cat ransomware group has claimed responsibility for an attack on airline technology firm Accelya. The group claimed to have stolen emails, worker contracts and other business information. Accelya provides passenger, cargo, and industry analytics platforms for airline retailing to Delta, British Airways, JetBlue, United, Virgin Atlantic, American Airlines and other airlines. The company confirmed the incident after investigators discovered that the company’s data was posted on a ransomware leak site.
How it Could Affect Your Business: This company faced double jeopardy with both an increase in supply chain and transportation industry attacks.
DoorDash
Exploit: Supply Chain Attack
DoorDash: Food Delivery Service
Risk to Small Business: DoorDash has confirmed a data breach that has exposed customer information. Employees of the vendor had credentials that were stolen as part of a recent incident at software company Twilio that were then used to access DoorDash’s internal tools. The company said it cut off the third-party vendor’s access to its systems after discovering suspicious activity. DoorDash did not name the third-party vendor but did confirm the attack and that it was related to the Twilio hack.
How it Could Affect Your Business: Unfortunately, this kind of exposure is becoming all too common as bad actors strike strategically against service providers.
LastPass
Exploit: Ransomware
LastPass: Software Company
Risk to Small Business: Authentication software firm LastPass said on Thursday that someone broke into one of its developer’s accounts and used that to gain access to proprietary data including source code. The company said in a statement that the incident had been contained and that they see no further evidence of unauthorized activity. LastPass says there is no evidence that customer data or encrypted password vaults were compromised. This breach may be related to the recent Twilio hack which impacted many companies.
How it Could Affect Your Business: The Information Technology sector was one of the 14 critical infrastructure sectors most victimized by ransomware last year.
Chester Upland School District
Exploit: Business Email Compromise
Chester Upland School District: Regional Education Authority
Risk to Small Business: A recent business email compromise attack on a Pennsylvania school district resulted in bad actors making off with more than $13 million. Authorities say hackers used a stolen district employee email account to snatch the money by sending official-looking messages from that account and then diverting payments to themselves. After diverting the payments, the cybercriminals then used a romance scam conducted through the dating site eHarmony to entice a Florida woman to launder the money unwittingly. The scheme came to light after the Pennsylvania Department of the Treasury flagged a large transfer, unraveling the whole mess. $10 million of the money has since been recovered.
How it Could Affect Your Business: Business email compromise is hard to detect but causes the most financial damage. This school district got lucky recovering money.
New Hampshire Lottery
Exploit: Hacking
New Hampshire Lottery: Gambling Program
Risk to Small Business: New Hampshire Lottery officials warned of a cyberattack on its website, cautioning players that people visiting the site should not click on any pop-up message. The site began to experience trouble early Friday morning, typically a busy day for lottery sales with the Mega Millions drawing taking place late Friday night. Officials said the site has been taken down as the matter is investigated and the trouble dealt with. They do not believe any personal data of players was stolen.
How it Could Affect Your Business: Cybercriminals love to exploit government-run websites to spread malware or for other nefarious purposes.