July 13, 2022

The Week in Breach News: 07/06/22 – 07/12/22

Marriott gets hit by ransomware, another attack on an MSP, three things to remember when to secure your clients from a data disaster and everything you need to know about a new BullPhish ID integration that eliminates whitelisting and saves tech time.

United States

Marriott International 


Exploit: Ransomware

Marriott International: Hotel Operator 


Risk to Business: 2.783 = Moderate

Marriott is looking at another big data breach after a group of cybercriminals claims to have stolen an estimated 20 gigabytes of data, including financial data like credit card information and confidential information about guests and workers from an employee at the BWI Airport Marriott in Baltimore. The group identified themselves as GNN or “Group with No Name” to media outlets and sent along samples of the purportedly stolen data. Marriott contends that the stolen data consisted of “non-sensitive internal business files regarding the operation of the property.” The incident remains under investigation.  

How It Could Affect Your Customers’ Business: Hotels are a prime target for cybercriminals because they often have stores of valuable financial and personal data on guests.

American Marriage Ministries (AMM)


Exploit: Misconfiguration

American Marriage Ministries (AMM): Non-Profit  


Risk to Business: 2.617 = Moderate

American Marriage Ministries (AMM), a Seattle-based non-denominational religious organization that ordains wedding officiants, has suffered a data breach. Researchers say they’ve discovered 630 GB of data on about 185,000 officiants and roughly 15,000 married couples as well as their wedding guests exposed in an unsecured Amazon Web Services bucket. The data trove contained Ministers’ program application forms, over 500,000 ordination certificates and minister identification documents, and marriage licenses that contain details about newly wedded couples and more was included in the bucket. The incident was reported to FBI IC3.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time. 

How It Could Affect Your Customers’ Business SMBs that handle or store large amounts of data have been high on cybercriminal shopping lists, particularly in recent months.

SHI International


Exploit: Malware

SHI International: IT Services 


Risk to Business: 1.601 = Severe

New Jersey-based IT services provider SHI international suffered a major business disruption over the July 4 weekend after being forced offline by a cyberattack. The company disclosed that the defensive measures it had been forced to take to stop the attack included taking SHI’s public websites and email offline while the attack was investigated. Website and email outages lasted for several days before finally being resolved about July 10. Customers were told that they could still access their representatives by phone throughout the incident which remains under investigation. 

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time. 

How It Could Affect Your Customers’ Business: MSPs, MSSPs and other IT/technical services providers have been frequent targets of cybercriminals recently and should strengthen security.

Yuma Regional Medical Center (YRMC)


Exploit: Ransomware

Yuma Regional Medical Center (YMMC): Medical System


Risk to Business: 1.903 = Severe

A ransomware attack that landed on Yuma Regional Medical Center (YRMC) in Arizona has exposed the protected health information of an estimated 700,000 patients. The company has disclosed that it experienced the ransomware attack in late April and that an unauthorized individual had access to YRMC’s systems from April 21 to April 25, allowing them to steal a subset of files from the systems. There was no impact on patient care.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time. 

How it Could Affect Your Customers’ Business: A data breach for a healthcare organization is especially damaging between incident costs and regulatory penalties.

WellDyneRx, LLC 


Exploit: Hacking

WellDyneRx, LLC: Pharmacy Benefits Management


Risk to Business: 2.304 = Severe

WellDyneRx has reported a data breach that resulted from unauthorized access to one of the company’s email accounts. The company filed a notice with the U.S. Department of Health and Human Services Office for Civil Rights regarding a data breach in December 2021, indicating that the company estimates the breach affected 38,401 individuals. WellDyneRX is a pharmacy benefit manager and oversees the administration of the pharmacy benefits portion of insurance policies on behalf of insurance companies at 65,000 retail pharmacies from major chains to mom-and-pop shops. 


Individual Risk: 2.215 = Severe

Cybercriminals may have accessed the names, dates of birth, Social Security numbers, driver’s license numbers, treatment information, health insurance information, contact information, prescription information, and other medical and healthcare-related information of individuals served by WellDyneRx.  

How it Could Affect Your Customers’ Business It’s not just hospitals and doctor’s offices, medical services providers are also experiencing surging risk with big penalties for failure to keep data safe.

United Kingdom & European Union

United Kingdom – Aon, PLC


Exploit: Hacking

Aon, PLC: Professional Services Provider 


Risk to Business: 2.829 = Moderate

AON, PLC, a U.K.-based company that handles risk mitigation for insurance, pension administration, and health insurance plans, has experienced a data breach that was recently isclosed in a notice on the Maine Attorney General’s Office website. Aon says that the data breach is believed to have affected as many as 31,799 individuals who have been informed via letter.  


Individual Risk: 2.836 = Moderate

The company says that an unauthorized party temporarily obtained documents that contained the names, driver’s license numbers, Social Security numbers, and some benefit enrollment information of plan enrollees.

How it Could Affect Your Customers’ Business professional services companies are prime targets for bad guys that are on the hunt for rich stores of data.

France – La Poste Mobile


Exploit: Ransomware

La Poste Mobile: Telecommunications Company


Risk to Business: 1.206 = Extreme

The Lockbit ransomware group has claimed responsibility for a ransomware attack on French telecommunications giant La Poste Mobile. The virtual mobile telephone operator La Poste Mobile was walloped by a ransomware attack on July 4 that paralyzed administrative and management services. The company was forced to suspend operations on its website and customer areas as part of its incident remediation.   

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time. 

How it Could Affect Your Customers’ Business Telecoms are prime targets for ransomware because of the y cannot afford any network downtime, making them likely to pay the ransom fast.

IT Services

Your Cybersecurity Questions, Answered .

If you’re like a lot of our customers, you have some big questions about cybersecurity almost every day.
We Can Help
© Copyright 2020 - Advantex - All Rights Reserved | Sitemap