Two automotive companies get hit by ransomware, a remarkable tale of a data loss incident for one Japanese city and why MSPs need to be careful about cyber threats to their own businesses right now.
United States
Flagstar Bank
https://www.housingwire.com/articles/flagstar-reports-data-breach-affecting-1-5-million-clients/
Exploit: Hacking
Flagstar Bank: Banking & Financial Services
Risk to Business: 1.617 = Severe
Flagstar Bank disclosed that they’ve had a data breach that impacts an estimated 1.5 million customers. The Michigan-based bank says that the cyberattack occurred on Dec. 3 and Dec. 4, 2021. However, the company did not determine who was affected until June 2022. The data breach happened during Flagstar Bancorp’s acquisition by New York Community Bank. The US financial organization is headquartered in Michigan and operates over 150 branches in areas including Indiana, California, Wisconsin, and Ohio.
Individual Risk: 1.878 = Severe
The only available information about the breached data says that the Social Security numbers were exposed.
How It Could Affect Your Customers’ Business: Banking & Finance was the sector that experienced the most cyberattacks including ransomware in 2021.
ADM Associates, Inc.
https://www.jdsupra.com/legalnews/adm-associates-inc-announces-data-breach-3316382/
Exploit: Hacking
ADM Associates: Energy Consulting
Risk to Business: 2.785 = Moderate
Energy evaluation company ADM Associates has reported a data breach impacting consumers. The company said that between August and September 2021 an unauthorized individual may have accessed and acquired certain information from its systems. ADM associates does energy research and evaluation for public utility companies. Affected individuals have been informed via letter and the company is offering free credit monitoring.
Individual Risk: 2.831 = Moderate
Exposed information may include customer PII including names, addresses and other identifying data as well as sensitive financial information and Social Security numbers.
How It Could Affect Your Customers’ Business SMBs that handle or store large amounts of data have been high on cybercriminal shopping lists, particularly in recent months.
Atrium Health
Exploit: Phishing
Atrium Health: Medical System
Risk to Business: 1.601 = Severe
North Carolina-based Atrium Health has announced a data breach impacting 7,000 patients. The healthcare provider says that an employee at Atrium Health at Home fell victim to a phishing attack, resulting in bad actors accessing that employee’s email and messaging account in April 2021. Atrium is mailing letters to the affected patients and hasn’t determined whether the unauthorized user accessed the protected health information in the accounts.
Individual Risk: 1.733 = Severe
Patient PII that was exposed included names, addresses, dates of birth and health insurance information. A limited number of patients may have also had their Social Security numbers, driver’s license numbers and financial account numbers compromised in the breach.
How It Could Affect Your Customers’ Business: Healthcare data is always a desirable commodity for bad actors and letting them get their hands on it is always an expensive mistake for healthcare providers.
SOUTH AMERICA
Brazil – Fast Shop
Exploit: Ransomware
Fast Shop: Online Retailer
Risk to Business: 1.872 = Severe
A ransomware attack at Brazilian retailer Fast Shop ended up shutting down the company’s online store briefly. The outage impacted the company’s main website, mobile apps and online ordering system. An unnamed hacking group claimed that they’ve snatched the company’s data from various cloud services including AWS, AZURE, GITLAB and IBM cloud including source codes, PCI data, and various user and corporate data. Bad actors also took control of the company’s Twitter account where they announced the breach.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business: Cybercriminals love to hit online retailers because of the possibility they’re storing profitable sensitive personal and financial customer data
UNITED KINGDOM & EUROPEAN UNION
United Kingdom – Yodel
https://www.infosecurity-magazine.com/news/yodel-cyber-incident-disrupts-uk/
Exploit: Ransomware
Yodel: Logistics Company
Risk to Business: 2.183 = Severe
UK delivery company Yodel has experienced a suspected ransomware attack that has disrupted its services. Yodel’s tracking and customer services went down over the weekend as a result of the attack and the company is working to restore its services. The firm says that it doesn’t hold any customer payment information, and Yodel is currently investigating whether any personally identifiable information (PII) pertaining to clients has been taken.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business Aside from the initial expense, ransomware can also lead to lost productivity, lost business and reputation loss.
ASIA & PACIFIC
Japan – Nichirin
https://www.securityweek.com/us-subsidiary-automotive-hose-maker-nichirin-hit-ransomware
Exploit: Ransomware
Nichirin: Auto Parts Manufacturer
Risk to Business: 2.206= Severe
Auto hose manufacturer Nichirin has announced that its U.S. subsidiary, Nichirin-Flex USA, has experienced a ransomware attack. The incident has caused the company to take production and technology systems offline, potentially impacting the manufacturing and delivery of customer orders. The firm’s website was briefly taken offline, and the damage appears to have been limited to the company’s U.S. operations.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business Manufacturers aren’t safe from cybercriminals looking to score fast payments to prevent supply chain disruption.
Japan – TB Kawashima
https://www.theregister.com/2022/06/27/security_in_brief/
Exploit: Ransomware
TB Kawashima: Auto Parts Manufacturer
Risk to Business: 2.206 = Severe
In this week’s second incident at a Japanese auto parts company, automotive fabrics company TB Kawashima has disclosed that it has been the victim of a ransomware attack. The LockBit group has claimed responsibility. TB Kawashima is a division of Toyota Boshoku of the Toyota Group of companies. The company’s website was knocked offline, but they expect minimal impact on production or sales.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business Manufacturers that are linchpins in a supply chain are prime targets for hackers these days.
Japan – The City of Amagasaki
https://www.theregister.com/2022/06/27/security_in_brief/
Exploit: Insider Threat (Employee Mistake)
Amagasaki: Municipal Government
Risk to Business: 1.772 = Severe
In this week’s most interesting breach tale, the city of Amagasaki, Japan has found itself embroiled in a data breach thanks to the actions of one careless worker. A contractor who was working for this city to disburse pandemic subsidies took a USB drive containing numerous city records out of the office. But rather than heading straight home, the worker decided to go out on the town. That resulted in the worker passing out in the street and losing the bag containing the USB and all that city data.
Individual Risk: 1.613 = Severe
The USB contained names, birth dates, addresses, tax details, banking information and social security records for city residents.
How it Could Affect Your Customers’ Business Data stored on physical devices is data that can be more easily misplaced or lost with careless handling.
You can read the rest of the ID Agent post here for additional information
