What happened this week? Malicious insiders speed off with data at Tesla and The Clorox Company faces a big cleanup after a ransomware mess.
The latest Hacks, Attacks and Breaches cybersecurity news update is here to give you what you need to stay informed, each week.
Read the top cybersecurity stories this week to keep up with hacking, computer security, ransomware and other cybersecurity threats. Here’s what’s in store this for 08/16/23 – 08/22/23. If you missed last’s week’s news, read Hacks, Attacks and Breaches: Snowballing Out of Control
Tesla
Exploit: Malicious Insider
Tesla: Car Company
Risk to Business: Extreme
Tesla has admitted that it had a data breach in May 2023 that was caused by malicious insiders. Allegedly, two or more Tesla employees stole data including customer data from Tesla and leaked it. The German news outlet Handelsblatt obtained the data and published an analysis of it, which is how Tesla found out about the data breach. The treasure trove contained 100 gigabytes of confidential data, which included employees’ names and contact information such as addresses, cell phone numbers, and email addresses. The leaked data also included around 2,400 customer complaints about Tesla cars suddenly accelerating and a further 1,500 complaints of braking issues, including 383 cases of “phantom braking”.
How it Could Affect Your Customers’ Business: No matter how loyal a company’s staff may seem, no company should ever discount the possibility of malicious insider activity.
The Clorox Company
Exploit: Ransomware
The Clorox Company: Consumer Product Manufacturer
Risk to Business: Extreme
The Clorox Company, best known for producing liquid bleach and cleaning products, is facing a cleanup of its own after it was forced to take some systems offline to clean up after being hit with a probable ransomware attack. The company said that the attack has impacted and will continue to impact its operations but did not specify which products may be impacted. The company did not say if any data was accessed or stolen by the bad actors. Clorox said that it has informed law enforcement of the incident and it is working with third-party cybersecurity experts to investigate the attack and restore its operations.
How it Could Affect Your Customers’ Business: A ransomware attack can be especially devastating for a manufacturer by shutting down production lines and disrupting other OT.
Prince George’s County Public Schools (PGPS)
Exploit: Hacking
Prince George’s County Public Schools (PGPS): Education Authority
Risk to Business: Severe
Right at the start of the school year, Prince George’s County Public Schools in Maryland announced that it was the victim of a cyberattack. The attack caused a broad internet outage throughout the system. impacted 4,500 of 180,000 accounts. PGPS said that it believes that the majority of the impacted accounts belonged to staffers, emphasizing that no impact has been observed in its primary business and student information systems. An investigation is ongoing.
How it Could Affect Your Customers’ Business: Schools have been under siege by bad actors hoping to score a quick ransomware payment.
Geico
Exploit: Supply Chain Attack
Geico: Insurer
Risk to Business: Moderate
Insurance giant Geico is the most recent company to become entangled in the MOVEit exploit saga. The company confirmed to reporters that it has experienced a data breach that has led to the exposure of employee personal data due to a service provider’s use of MOVEit. Geico sent employees a letter advising them that their data had been exposed but did not specify exactly what data may have been impacted.
How it Could Affect Your Customers’ Business: Supply chain attacks are escalating, and just one attack on a supplier can be a big problem that brings big bills for any organization.
M&T Bank
Exploit: Supply Chain Attack
M&T Bank: Bank
Risk to Business: Severe
On August 14, 2023, M&T Bank filed a notice of data breach with the Attorney General of Massachusetts. In this notice, M&T explains that the breach is the result of a data security incident at a service provider related to the MOVEit exploit that resulted in an unauthorized party being able to access consumers’ sensitive information including manes and account data. M&T Bank is offering free credit monitoring services to anyone affected by the breach. The incident is in the early stages of investigation.
United Kingdom – Swan Retail
Exploit: Hacking
Swan Retail: Business Services Provider
Risk to Business: Severe
The UK’s retail business services provider Swan Retail had been knocked offline, causing a major disruption for more than 300 independent retailers. The August 13, 2023, attack impacted Swan Retail’s inventory management, order fulfillment and accounting systems. The company works with around 300 independent retailers around the UK in a variety of verticals including fashion, home goods, sports, catering and garden centers. Swan Retail said it is working to restore systems quickly.
How it Could Affect Your Customers’ Business: This is a good example of what happens when an important service provider gets shut down by ransomware.
Australia – Energy One
Exploit: Hacking
Energy One: Business Software Provider
Risk to Business: Moderate
Wholesale energy software provider Energy One has revealed that a cyberattack on August 18, 2023, resulted in some corporate systems in Australia and the United Kingdom being taken offline. Energy One specified that it has disabled some links between its corporate and customer-facing systems as a safety measure. It is also working to determine what if any data was accessed by the attackers. The company said it has engaged cyber security specialists, CyberCX, and alerted the Australian Cyber Security Centre and certain UK authorities about the incident, which remains under investigation.
How it Could Affect Your Customers’ Business: It is important that companies ensure that they have a plan in place for all types of incidents.
Australia – The au Domain Administration
Exploit: Ransomware
The AU Domain Administration: Domain Authority
Risk to Business: Extreme
The au Domain Administration has finally admitted that it has been the victim of a cyberattack by the ransomware group NoEscape. AuDA had maintained that it had not fallen victim to a cyberattack initially but changed its tune after the ransomware group posted a sample of AuDA’s data on its leak site. NoEscape says that it has pilfered more than 15GB of data, providing screenshots of some AuDA customer documents as proof of the hack. AuDA said that it is auDA working with the Australian Cyber Security Centre, the Department of Home Affairs and the Office of the Australian Information Commissioner as well as outside cybersecurity experts in its ongoing investigation.
How it Could Affect Your Customers’ Business: Ransomware can hit any organization in any sector, and every business needs to be ready.
