Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats. Here’s what’s in store this for 04/26/23 – 05/02/23. If you missed last’s week’s news, read Hacks, Attacks and Breaches: Exposed Credentials and PII.
Topping #HacksAttacks&Breaches this week, ransomware freezes Americold, and details about the highly sensitive data stolen in a ransomware attack on Minneapolis Public Schools. Here are the headlines:
- A network breach at Americold caused a major outage, affecting all inbound and outbound deliveries.
- The Diocese of Las Vegas experienced a breach, compromising the sensitive information of its volunteers, parishioners, donors and other stakeholders.
- A March ransomware attack caused sensitive personal data for thousands of Minneapolis public school students to be leaked on the dark web, including birth dates and SSNs.
Americold: Cold Storage Company
Risk to Business: Americold, a leading cold storage logistics company, announced that it has experienced a network outage as the result of a cyberattack. The incident began last Tuesday night and has persisted, leaving employees and customers scrambling. The company has asked customers to cancel inbound deliveries and to reschedule all but the most critical outbound deliveries. Americold expects to have systems restored late this week. Americold said that it is focused on rebuilding affected systems, leading to speculation that this is a ransomware incident. They expect to restore most services this week.
How it Could Affect Your Customers’ Business: Logistics companies are a key element in the supply chain, making them highly attractive targets for bad actors.
United HealthCare: Insurer
Risk to Small Business: Health insurance giant United HealthCare has informed members that it has experienced a data breach. The problem was uncovered on February 22, 2023, when United identified suspicious activity on its local app that may have led to the disclosure of members’ personal information. The company estimates that the breach happened between February 19 and February 25, 2023. Members may have had personal information exposed in the breach including first and last names, health insurance member ID numbers, dates of birth, addresses, dates of service, provider names, claim information and group names and numbers. UnitedHealthcare said that Social Security and driver’s license numbers were not exposed. Affected members have been informed via letter.
How it Could Affect Your Customers’ Business: This kind of incident will end up costing United HealthCare a fortune after regulators in multiple states and at the federal level get through with them.
Fincantieri Marine Group (FMG)
Fincantieri Marine Group (FMG): Shipbuilder
Risk to Small Business: U.S. Navy contractor Fincantieri Marine Group (FMG) experienced a ransomware attack last week that is causing a temporary disruption to certain computer systems on its network. A company spokesperson said that the ransomware attack on the Fincantieri Marinette Marine shipyard disrupted operations across the shipyard by rendering data on network servers unusable as well as impacting critical CNC (Computer Numerical Control) manufacturing machines. The company said that it doesn’t have any indication that employee data was compromised. The incident is under investigation.
How it Could Affect Your Customers’ Business: Strategic attacks that impair defense manufacturing are a dangerous modern hazard that companies must be ready for.
The Diocese of Las Vegas
The Diocese of Las Vegas: Religious Organization
Risk to Small Business: Late last week The Diocese of Las Vegas admitted that it had experienced a data breach that may have exposed sensitive data. The breach was discovered on March 12, 2023, and concerned data held by the Diocese about its volunteers, parishioners, donors and others. The Diocese did not specify exactly what types of information were stolen, but it was quick to reassure the public that employee payroll and benefits information and Catholic Stewardship Appeal information were not impacted. The incident has been reported to the relevant authorities.
How it Could Affect Your Customers’ Business: Churches and non-profits must be just as vigilant against cyberattacks as businesses because they’re just as much in the line of fire.
CIC Group, Inc.
CIC Group, Inc.: Engineering and Construction Manufacturing
Risk to Small Business: CIC Group, Inc. a commercial and industrial business holding company based in St. Louis, Missouri, has disclosed that it was recently the victim of a cyberattack. In a filing with the Texas Attorney General’s Office, CIC Group said that an unauthorized party had gained access to confidential customer information that the company was holding including consumers’ names, addresses and Social Security numbers. The company has begun sending out data breach notification letters to everyone who was impacted by the incident.
How it Could Affect Your Customers’ Business: Supply chain attacks have been escalating, bringing fresh danger to businesses in every sector.
The Minneapolis Public Schools
The Minneapolis Public Schools: Education Authority
Risk to Small Business: A mid-March ransomware attack has resulted in highly sensitive data about and belonging to thousands of public school students in Minneapolis being exposed on the dark web. The ransomware group Medusa claimed responsibility for the attack and began releasing information on its dark web leak site last week. Many students’ identifying data including birthdays and Social Security numbers was exposed, but that’s not the most sensitive data by far. The torrent of an estimated 200,000 files stolen from includes data about incidents of students exhibiting behavioral issues, documentation of problems at home like divorcing or incarcerated parents, data about conditions like Attention Deficit Disorder, documented indications of injuries, results of intelligence tests and what medications they take. Documents detailing allegations of abuse by district staff are also in this tranche, including the accusing student’s name, date of birth and address.
How it Could Affect Your Customers’ Business: This is a horrible story that illustrates the human cost and cruelty of many cyberattacks.
UK – Hardenhuish School
Hardenhuish School: Secondary School
Risk to Small Business: Hardenhuish School in Chippenham, Wiltshire, has been hit by a ransomware attack that has disrupted its systems. The school confirmed that the incident was a ransomware attack but did not specify a ransom demand. Hardenhuish School said that its IT staff are working to restore full functionality, but in the meantime, they’ve resorted to low-tech solutions like old-fashioned paper registers. The school is working with authorities to investigate the incident.
How it Could Affect Your Customers’ Business: Unfortunately, schools remain a popular target for cybercriminals thanks to their reputation for shoddy security.
Germany – Bitmarck
Bitmarck: Healthcare IT Provider
Risk to Small Business: Bitmarck, the largest IT provider serving Germany’s health system, announced that it had experienced a cyberattack last Sunday. The attack caused Bitmarck to take both its customer-facing and internal networks offline. The company said that it does not believe that any data was stolen, although it cautioned that an investigation by external experts was ongoing. The systems outage may have a widespread effect in Germany, as electronic certificates are used to obtain sick leave. Pharmacies may also be impacted.
How it Could Affect Your Customers’ Business: A cyberattack on a service provider can impact many other businesses by causing expensive delays.
Australia – Amnesty International Australia
Amnesty International Australia: Non-Profit Group
Risk to Small Business: Questions are flying as Amnesty International Australia has just disclosed a data breach that occurred in December 2022. Amnesty International Australia sent an email to supporters informing them their data may be at risk late last week as well as posting a statement on its website after numerous media inquiries. A spokesperson said that “some low-risk information relating to individuals who made donations in 2019 was accessed.”, asserting that the stolen data did not meet Australia’s reporting threshold. Reports identify the likely stolen data as a donor’s name, email address and phone number.
How it Could Affect Your Customers’ Business: Failing to inform the public and its donors that the organization had experienced a cyberattack isn’t a good look.