August 24, 2022

The Week in Breach News: 08/17/22 – 08/23/22


 It’s all ransomware all the time this week with a spate of damaging attacks in the U.S., U.K. and South America. Plus, find out which training videos are the most popular and take a look at the two threats that make up almost three-quarters of cyberattacks. 


United States


Entrust

https://www.securityweek.com/ransomware-group-threatens-leak-data-stolen-security-firm-entrust

Exploit: Ransomware

Entrust: Cybersecurity Solutions Company

Risk to Business: 1.877 = Severe

Entrust has fallen victim to a ransomware attack by the LockBit group. LockBit added Entrust to its Tor site last Thursday. The Minneapolis-based provider of payment security solutions confirmed the incident. The company admitted that threat actors had gained access to systems used for HR, finance and marketing, but said there was no evidence that the operation or security of its products and services was impacted. 

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time

How It Could Affect Your Customers’ Business: Ransomware groups have been ramping up operations, with risk up by over 60%.


Practice Resources LLC

https://www.cshub.com/attacks/news/almost-one-million-people-affected-by-medical-billing-ransomware-attack

Exploit: Misconfiguration

Practice Resources LLC: Medical Billing Service 

Risk to Business: 1.687 = Severe

Practice Resources LLC (PRL) is at the center of a ransomware attack that led to a supply chain data breach impacting 26 healthcare organizations. In a filing, PRL declared that 942,138 people had data exposed in the April 2022 incident. The company provides billing and other related services to healthcare providers. PRL declared that it has sent out data breach letters to all affected parties.  

Individual Risk: 1.733 = Severe

The information exposed in the attack included patient names, addresses, health plan numbers, dates of treatment, and medical record numbers. 

How It Could Affect Your Customers’ Business Supply chain risk has been a constantly rising risk for businesses as bad actors target service providers. 


Valent U.S.A. LLC 

https://www.jdsupra.com/legalnews/valent-u-s-a-llc-announces-data-breach-5375329/

Exploit: Ransomware

Valent U.S.A. LLC: Agricultural Chemical Manufacturing

Risk to Business: 1.902 = Severe

Chemical company Valent U.S.A. LLC has filed notices that it experienced a data breach as a result of a suspected ransomware attack. The company revealed that the attack was discovered when employees were unable to access some of Valent’s computer systems and subsequently discovered that files had been encrypted. Valent said that it secured its network and then retained an outside cybersecurity firm to investigate the incident.

Individual Risk: 1.768 = Severe

The company says the breach resulted in the names, Social Security numbers, driver’s license numbers, passport numbers, financial account information, medical information and dates of birth of certain individuals being compromised.

How It Could Affect Your Customers’ Business: Both the Chemical and Agricultural sectors have been under heavy pressure from bad actors in the last 12 months. 


Brasseler USA

https://www.jdsupra.com/legalnews/brasseler-usa-announces-data-breach-4677092/

Exploit: Ransomware

Brasseler USA: Dental Equipment Manufacturer

Risk to Business: 2.077 = Severe

Brasseler USA has disclosed that it experienced a data breach as a result of a ransomware attack. The company discovered that this incident occurred in June 2022. In July 2022, the company learned that certain files containing sensitive consumer data were compromised. The company says that it reported the incident to law enforcement and then worked with third-party data security specialists to investigate the scope of the cyberattack Brasseler USA is a dental and surgical product manufacturer based in Savannah, Georgia.

Individual Risk: 1.966 = Severe

Breached information varies depending on the individual, but may include an individual’s name, Social Security numbers, driver’s license numbers, passport number, financial account information (including debit card and credit card numbers), medical and insurance information and other information, such as date of birth. 

How it Could Affect Your Customers’ Business: Manufacturing companies have ad it rough as bad actors seek valuable OT and personal data.


The Government of Fremont County, Colorado

https://www.canoncitydailyrecord.com/2022/08/17/fremont-county-government-offices-closed-after-cyber-security-attack/ 

Exploit: Ransomware

The Government of Fremont County, Colorado: Regional Government 

Risk to Business: 1.684 = Severe

The government of Fremont County, Colorado has been paralyzed by a cyberattack that left employees unable to connect to networks or access email. Local reports say that the Fremont County Administration Building, Garden Park Building, Department of Human Services and Fremont County Sheriff’s Office are closed to the public, although the Sherrif’s Office is still operating. The phone systems for the impacted offices are still working. A spokesperson said that they do not believe that any data was stolen. Efforts are underway to restore services.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business It pays to remember that the most likely vector for ransomware is a phishing message.


South America


Argentina – Judiciary of Córdoba

https://www.itworldcanada.com/article/canadian-recreational-vehicle-maker-brp-ontario-cannabis-store-dealing-with-cyber-attacks/497252 

Exploit: Ransomware

Judiciary of Córdoba: Government Entity

Risk to Business: 1.429 = Severe

New ransomware group Play has hit Argentina’s Judiciary of Córdoba. The government entity was forced to shut down its IT systems last week and its online portal and was left only able to conduct business through old-fashioned paper and pen. The Judiciary confirmed that it was hit by ransomware and engaged with Microsoft, Cisco, Trend Micro, and local specialists to investigate the attack and restore services.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Governments have been popular targets for cybercriminals even when they’re not nation-state aligned. 


United Kingdom & European Union


United Kingdom – South Staffordshire PLC 

https://www.energylivenews.com/2022/08/17/uk-water-company-hit-by-cyber-attack/

Exploit: Ransomware

South Staffordshire PLC: Utility Company

Risk to Business: 2.173 = Severe

This week’s most interesting story starts with South Staffordshire PLC. The parent company of South Staffs Water and Cambridge Water confirmed on Monday that it was the victim of a ransomware attack. The Cl0p ransomware gang claimed responsibility but named the wrong water company on its dark web leak site. The group initially said that the victim was Thames Water and not South Staffordshire. Thames Water is the United Kingdom’s largest water supplier, serving 15 million customers in Greater London and other areas on the river that runs through the city. Data posted to the gang’s dark web site includes a spreadsheet of usernames and passwords featuring South Staff Water and South Staffordshire email addresses.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Cybercriminals love to go after utility companies because of the high chance they’ll get paid to avoid service disruptions. 


United Kingdom – Holdcroft Motor Group

https://techmonitor.ai/technology/cybersecurity/holdcroft-motor-group-cyberattack

Holdcroft Motor Group: Car Dealerships

Risk to Business: 1.634 = Severe

U.K. auto retailer Holdcroft Motor Group has admitted that it has fallen victim to a ransomware attack that has led to some dire consequences. The company said that the July 2022 attack caused significant damage, resulting in the deletion of data from its servers. Internal investigations revealed that some of the data that was compromised may have contained employee personal information. Holdcroft Motor Group operates nine different dealer franchises across 23 locations in the Midlands and north of England. 

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Paying the bad guys doesn’t mean you’re getting your data back, more than 90% of organizations that pay don’t get all their data back.

You can read the rest of the ID Agent post here for additional information

IT Services

Your Cybersecurity Questions, Answered .

If you’re like a lot of our customers, you have some big questions about cybersecurity almost every day.
We Can Help
© Copyright 2020 - Advantex - All Rights Reserved | Sitemap