Hacks, Attacks and Breaches: Life and Liberty

The latest Hacks, Attacks and Breaches cybersecurity news update is here to give you what you need to stay informed, each week.

Read the top cybersecurity stories this week to keep up with hacking, computer security, ransomware and other cybersecurity threats. Here’s what’s in store for 10/18/23 – 10/24/23 on #HacksAttacksBreaches:

• Two healthcare targets are breached by ransomware.
• ALPHV/BlackCat snatches data from a bank equipment firm – watch your money!
• The FBI is helping a California district attorney’s office investigate after they fell victim to a cyberattack of unknown origin.

If you missed last’s week’s news, read Hacks, Attacks and Breaches: Retail Theft and Federal Warnings.

Ampersand

Exploit: Ransomware
Ampersand: Analytics Agency

Risk to Business: Moderate

---

AIDS Alabama

Exploit: Ransomware
AIDS Alabama: Non-Profit

Risk to Business: Extreme

Charity AIDS Alabama has disclosed that the organization has experienced a data breach of some very sensitive data. AIDA Alabama said that the breach occurred between October 11, 2021, and August 9, 2022. The exposed data includes sensitive personal information, including names, addresses, Social Security numbers, medical diagnoses, healthcare providers, health insurance details, email addresses and services received.  

How it Could Affect Your Customers’ Business: Organizations that hold this kind of highly sensitive medical data need to put especially strong protection in place.

---

Orange County District Attorney

Exploit: Hacking
Orange County District Attorney: Government Agency

Risk to Business: Moderate
The Orange County, California District Attorney’s Office has disclosed that it has been the victim of a cyberattack. A spokesperson for the office said that the office’s IT systems were hacked last weekend, resulting in portions of the system being shut down to limit damage. The agency’s ability to send and receive email was affected. The agency also said that it is investigating the incident in concert with the U.S. Federal Bureau of Investigation. The spokesperson was unable to comment on whether or not this was a ransomware attack, or if any data was stolen. The Orange County Sheriff’s Department said that it had severed its connection with the DA’s office to minimize its cyber risk after it was informed of the hack.  

How it Could Affect Your Customers’ Business: Government agencies have been prime targets for bad actors looking for a quick payday.

---

Quality Service Installation (QSI)

Exploit: Ransomware
Quality Service Installation (QSI): Bank Equipment Company

Risk to Business: Severe
The busy ALPHV/BlackCat ransomware group has also claimed responsibility for a ransomware attack on banking equipment provider Quality Service Installation (QSI). The company is a major supplier of NCR cash handling solutions including ATMs. The group says that it stole a wide variety of data including financial, client, personal and product-related data from the QSI INC cyberattack. They also claimed that they nabbed SQL base data amounting to 5TB in the October 14 incident.

How it Could Affect Your Customers’ Business: Ransomware has been heavily used in attacks against financial targets like banks and credit companies.

---

Kwik Trip

Exploit: Hacking
Kwik Trip: Convenience Store Chain

Risk to Business: Severe
The convenience store chain Kwik Trip has finally admitted that it suffered a cyberattack that caused some operational disruption. The incident started two weeks ago, but the company claimed it was having a network problem and did not experience a cyberattack. However, customers were concerned that their data had been exposed. The company’s Kwik Rewards Program, support systems, phones and email were all knocked offline and are being restored.

How it Could Affect Your Customers’ Business:  Consumers don’t like doing business with companies that put their data at risk.

---

Arietis Health

Exploit: Hacking
Arietis Health: Revenue Cycle Management Company

Risk to Business: Severe
Arietis Health is the latest victim of the MOVEit exploit. The medical billing company is informing its partners that they may have had their patients’ data stolen. The incident has impacted more than 1.9 million individuals across more than 50 healthcare organizations. A variety of patient data was exposed including names, driver’s license numbers, Social Security numbers, dates of birth, medical record numbers, patient account numbers, diagnosis and treatment information, health insurance information, and prescription and provider information.

How it Could Affect Your Customers’ Business: The MOVEit exploit spree has hit an estimated 1k businesses worldwide.

---

United Kingdom – Volex

Exploit: Hacking

Volex: Electronics Manufacturer

Risk to Business: Severe
UK-based electronics and cabling manufacturing company Volex said that it was hit by a cyberattack that impacted its IT systems. The company said that bad actors gained access to its network last week. Volex was quick to reassure customers that all of its worksites remain operational, with minimal disruption expected in its global production. The company also said that it has hired a third-party firm to investigate the incident.

How it Could Affect Your Customers’ Business: Manufacturers have been increasingly under fire from cybercrime groups.

---

Taiwan – D-Link

Exploit: Hacking

D-Link: Network Hardware Manufacturer

Risk to Business: Moderate
D-Link, a leading manufacturer of routers, has experienced a data breach. The company claims that the data was not from the cloud but likely originated from an old D-View 6 system. D-Link said that the data was used for registrations in 2015. D-Link was involved in another data breach incident just two weeks ago after bad actors posted samples of the source code for D-Link’s D-View network management software on a dark web forum.

How it Could Affect Your Customers’ Business: That makes two data breaches in under a month – not a good look for any company.