October 26, 2022

The Week in Breach News: 10/19/22 – 10/25/22


Cyberattacks sour the year for wine merchants iDealwine and Vinomofo, Microsoft makes a configuration blunder and 6 reasons why prioritizing cybersecurity is vital for SMBs that may sway even the most skeptical decision-makers.


United States


Microsoft

https://thehackernews.com/2022/10/microsoft-confirms-server.html

Exploit: Misconfiguration

Microsoft: Software Company

Risk to Business: 1.802 = Severe

Microsoft confirmed that it inadvertently exposed information related to thousands of customers following a misconfiguration of Azure Blob Storage. The company said in a statement that the misconfiguration “resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services”. The misconfiguration of the Azure Blob Storage was spotted on September 24, 2022. Microsoft states that the exposed data included names, email addresses, email content, company name, and phone numbers and attached files relating to business “between a customer and Microsoft or an authorized Microsoft partner.” 

How It Could Affect Your Customers’ Business: Even the biggest companies can fall victim to human error and be stuck dealing with unpleasant consequences.


MedStar Mobile Healthcare 

https://www.cbsnews.com/dfw/news/medstar-reports-its-computer-network-was-hit-by-a-cyberattack/

Exploit: Ransomware

Medstar Mobile Healthcare: Ambulance Service

Risk to Business: 1.423 = Extreme

Emergency medical services and ambulance company MedStar in Texas was hit by a cyberattack that impacted its ability to dispatch ambulances and respond to 911 calls. The attack occurred on October 20. The company said that they quickly isolated connected systems to assure the breach was quarantined. MedStar was forced to resort to manually dispatching calls over a public safety radio until they could determine that computer systems were secure. The company said it does not think that PHI like 911 call records was accessed by the attackers. 

How It Could Affect Your Customers’ Business: Ransomware is especially nasty in the healthcare sector because it leads to adverse patient outcomes.


United Kingdom & European Union


United Kingdom – Kingfisher Insurance

https://techmonitor.ai/technology/kingfisher-insurance-ransomware-lockbit

Exploit: Ransomware

Kingfisher Insurance: Insurer 

Risk to Business: 2.107 = Severe

Kingfisher Insurance has been hit by a ransomware attack courtesy of LockBit 3.0. The cybercrime group claims to have lifted 1.4 terabytes of information from the company. That data may include the personal data of employees and customers. The gang has demanded that Kingfisher pay the unspecified ransom by November 28 to avoid having the data published. The gang released a sample of the stolen data as proof including information from management system accounts and passwords from Workaday and Access databases.  

How It Could Affect Your Customers’ Business: Ransomware practitioners are especially interested in service and supply chain businesses because of all of the information they store. 


Germany – Metro Cash and Carry

https://www.bleepingcomputer.com/news/security/wholesale-giant-metro-hit-by-it-outage-after-cyberattack/

Exploit: Hacking

Metro Cash and Carry: Hospitality Wholesaler

Risk to Business: 1.624 = Severe

Hospitality wholesale giant Metro is experiencing infrastructure outages and store payment issues following a cyberattack. The IT outages have been affecting stores in Austria, Germany and France since at least October 17, although the company’s stores remain in operation. Metro says that it was forced to set up offline payment systems and that customers should expect online orders to be delayed. No word on if any data was exposed or stolen was available at press time.

How it Could Affect Your Customers’ Business: Supply chain cyberattacks have been an increasing burden for wholesalers in every sector. 


France – iDealwine

https://www.helpnetsecurity.com/2022/10/19/idealwine-data-breach/ 

Exploit: Hacking

iDealwine: Online Wine Marketplace

Risk to Business: 2.619 = Moderate

eMerchant iDealwine was knocked offline by hackers for several days. iDealwine has disclosed that it experienced a data breach as a result of the incident. The French company specializes in online auctions and fixed-price sales of fine wine and also offers customers information about news and trends in the wine industry. The company’s website has since been restored.  

Individual Risk: 2.702 = Moderate

It has informed its customers that their name, address, telephone number and email address may have been compromised. The company was quick to note that customers’ credit card/bank information has not been compromised.

How it Could Affect Your Customers’ Business: Retail businesses have been experiencing a high level of cybersecurity trouble in 2022. 


Asia & Pacific


Singapore – Carousell

https://www.straitstimes.com/singapore/data-of-alleged-26m-carousell-accounts-being-sold-on-dark-web-hacking-forums

Exploit: Hacking

Carousell: Online Retail Marketplace 

Risk to Business: 1.684 = Severe

A database of user accounts believed to have been stolen from online marketplace Carousell is being sold on the dark web. Carousell said on Friday that 1.95 million user accounts were compromised after a bug was introduced during a system migration, giving bad actors a quick path inside the company’s systems. It assured users that no credit card and payment-related information was compromised. Hackers uploaded the 2GB database on Oct 12, two days before Carousell confirmed the breach. In an interesting twist, the hackers said they will be selling only five copies of the database.  

How it Could Affect Your Customers’ Business: Retailers need to be especially careful about security as we head into the winter holiday season. 


Australia & New Zealand


Australia – EnergyAustralia

https://www.theguardian.com/australia-news/2022/oct/21/energyaustralia-latest-to-be-hit-by-cyber-attack-as-details-of-hundreds-of-customers-exposed

Exploit: Hacking

EnergyAustralia: Electricity Utility

Risk to Business: 2.783 = Moderate

EnergyAustralia has become the latest company to be targeted by a cyber-attack, with hundreds of customers’ details exposed. In a statement released late on Friday, the electricity company said 323 residential and small business customers were affected by unauthorized access to their online platform, My Account. The company said there was “no evidence” customer details were transferred outside the company’s platform. They also said sensitive documents such as driver’s licenses or passports were not stored on the platform. No other EnergyAustralia systems were affected. The breach occurred in late September and customers were informed in October.  

Individual Risk: 2.801= Moderate

Details including customer names, addresses, email addresses, electricity and gas bills, phone numbers and the first six and last three digits of their credit cards are all included with those accounts.   

How it Could Affect Your Customers’ Business: Utility companies in Australia have had a rough fall as cybercriminals continue to hammer Australian organizations.


Australia – Vinomofo

https://itwire.com/business-it-news/security/vinomofo-suffers-security-breach.html

Exploit: Hacking

Vinomofo: Online Wine Marketplace 

Risk to Business: 1.771 = Severe

Online wine sales company Vinomofo has disclosed a data breach after an intruder accessed customers’ personal information. Hackers gained access to Vinomofo’s client records through a test platform that the company was using as part of a new website rollout. Vinomofo discovered signs of the breach on September 27. In a statement, the company said that it doesn’t hold identity or financial data such as passports, driver’s licenses or credit cards/bank details. The company did not say how many of its customers were impacted in this breach.  

Individual Risk: 1.837 = Severe

Names, addresses, emails, gender identities, phone numbers and dates of birth may have been accessed by bad actors in this incident. 

How it Could Affect Your Customers’ Business: Unfortunately, online retailers have been experiencing a high level of cyberattacks in 2022.


You can read the rest of the ID Agent post here for additional information

IT Services

Your Cybersecurity Questions, Answered .

If you’re like a lot of our customers, you have some big questions about cybersecurity almost every day.
We Can Help
© Copyright 2020 - Advantex - All Rights Reserved | Sitemap