In #HacksAttacksBreaches this week – Breaches abound at government and quasi-government agencies and an unrest-related communications cyberattack in Russia. Here are the highlights:
- Financial services firm suffers data breach, compromising clients’ sensitive information.
- U.S. Department of Health and Human Services (HHS): Contractor breach exposes sensitive data for 100,000 individuals.
- U.S. Patent and Trademark Office: Years-long data leak exposes trademark applicants’ location data.
- Ransomware attack exposes sensitive data of 2.5 million patients at Barts Health NHS Trust.
- Data breach via supply chain attack impacts leading chipmaker.
The latest Hacks, Attacks and Breaches cybersecurity news update is here to give you what you need to stay informed, each week.
Read the top cybersecurity stories this week to keep up with hacking, computer security, ransomware and other cybersecurity threats. Here’s what’s in store this for 06/28/23 – 07/04/23. If you missed last’s week’s news, read Hacks, Attacks and Breaches: Data Dilemmas – From Gen Digital to Reddit.
Wealth Enhancement Group
Exploit: Credential Compromise
Wealth Enhancement Group: Financial Services
Risk to Business: Severe
Minnesota-based financial services firm Wealth Enhancement Group has reported a data breach to regulators in Maine. The company said that it detected that an unauthorized individual had gained access to one of its servers through credential compromise in early April. Stolen data may include clients’ full names, Social Security numbers, addresses, dates of birth, phone numbers, email addresses, driver’s license numbers, state identification numbers and financial account numbers. Data breach letters were sent on June 28 to impacted clients.
How it Could Affect Your Customers’ Business: Protecting an organization’s credentials from compromise has never been more critical.
U.S. Department of Health and Human Services (HHS)
Exploit: Supply Chain
U.S. Department of Health and Human Services (HHS): Federal Agency
Risk to Business: Severe
The U.S. Department of Health and Human Services (HHS) has notified Congress of a data breach that may have exposed sensitive data for 100,000 people. HHS said that an unnamed contractor had been caught up in the flood of cyberattacks around the MOVEit exploit. HHS said that none of its own systems or data were accessed by cybercriminals and its network remains safe. Several other federal agencies have been hit by the MOVEit exploit either directly or through a supplier/contractor.
How it Could Affect Your Customers’ Business: Supply chain risk is high and climbing for every organization. Businesses should take action now to reduce it.
U.S. Patent and Trademark Office (USPTO)
Exploit: Misconfiguration
U.S. Patent and Trademark Office (USPTO): Federal Government Agency
Risk to Business: Extreme
The U.S. Patent and Trademark Office (USPTO) has disclosed that it has experienced a years-long data leak that exposed the location data of thousands of trademark applicants. The leak is estimated to have been ongoing for the past three years; it was active from February 2020 to March 2023. The leak was caused by an error in one of USPTO’s application programming interfaces (APIs). A notice about the breach was sent to affected trademark applicants.
How it Could Affect Your Customers’ Business: Security awareness training isn’t just for cyberattacks, it also helps employees become more conscientious about security overall to limit mistakes.
United Kingdom – Barts Health NHS Trust
Exploit: Ransomware
Barts Health NHS Trust: Medical Facility Operator
Risk to Business: Severe
Barts Health NHS Trust has disclosed that it has been the victim of a ransomware attack by the notorious gang ALPHV/BlackCat that exposed the sensitive data of 2.5 million patients. BlackCat claimed to have snatched 7 terabytes of data including unspecified patient data, employees’ personal data and financial information including credit card details last Friday. The incident is under investigation.
How it Could Affect Your Customers’ Business: Healthcare data of all kinds is a valuable commodity for bad actors, and ransomware attacks against healthcare providers are climbing.
United Kingdom – National Health Service
Exploit: Third Party
National Health Service (NHS): National Government Agency
Risk to Business: Severe
The UK’s National Health Service has disclosed that it may have had sensitive health data pertaining to 1.1 million patients from 200 hospitals after a June 6 cyberattack on research partner The University of Manchester. Initial estimates show that about 250 gigabytes of data was accessed by bad actors in the attack, including data on the university’s backup servers. The data was initially collected for research purposes and some people who had data stolen may not even know that the university had it. The investigation remains ongoing.
How it Could Affect Your Customers’ Business: Supply chain relationships aren’t the only relationships that endanger a company’s data; an attack on a partner can be equally devastating.
Ireland – Dublin Airport Authority (DAA)
Exploit: Supply Chain
Dublin Airport Authority: Transportation Authority
Risk to Business: Moderate
The Dublin Airport Authority (DAA) has disclosed that sensitive information belonging to approximately 2,000 airport workers was exposed in a cyberattack on pay and benefits service provider Aon. The airport authority did not offer specifics on the type of data stolen beyond saying that some employees’ pay and benefit information was exposed. Aon is another casualty of the MOVEit hack.
How it Could Affect Your Customers’ Business: Attacks using the MOVEit exploit have proliferated in every sector and the number of impacted organizations continues to grow daily.
Russia – Dozor Teleport CJSC
Exploit: Hacking (Nation-State)
Dozor-Teleport CJSC: Telecommunications Company
Risk to Business: Extreme
Russian telecom Dozor-Teleport CJSC has claimed that it is the victim of a cyberattack by supporters of the non-state-aligned PMC Wagner paramilitary group that is currently active in Russia. Dozor-Teleport CJSC is a communications satellite operator that provides internet and other communication services for Russian state agencies including Moscow’s main intelligence agency. Hackers stole nearly 700 files, defaced several websites and launched Wagner-related messages and a video on the company’s site. The damage is expected to take weeks to fix.
How it Could Affect Your Customers’ Business: Cyberattacks, especially ransomware and wiper malware, as well as hacking have become a part of modern warfare.
Taiwan – Taiwan Semiconductor Manufacturing Company (TSMC)
Exploit: Supply Chain
Taiwan Semiconductor Manufacturing Company (TSMC): Semiconductor Manufacturer
Risk to Business: Extreme
Taiwan Semiconductor Manufacturing Company (TSMC), the world’s leading contract chipmaker and one of Apple’s main suppliers, has confirmed that it has experienced a data breach due to a cyberattack on one of its suppliers. TSMC was listed on LockBit’s website as a victim, but TSMC claims that the data was stolen from supplier Kinmax, a system integrator. National Hazard Agency, a subgroup of LockBit, shared screenshots of directory listings of stolen TSMC files on its leak website as well as a demand for a stunning $70 million ransom.
How it Could Affect Your Customers’ Business: With the world already facing a chip shortage, anything that impacts the operations of a chipmaker is problematic.