Back to top

Hacks, Attacks and Breaches: 12/2/2020 to 12/8/2020

Suzanne Gassman

Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.

The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.

United States – Greater Baltimore Medical Center

Exploit: Ransomware
Greater Baltimore Medical Center: Hospital 

Risk to Small Business: A ransomware attack left Greater Baltimore Medical Center (GBMC) scrambling after many of its systems were knocked offline, impacting patient care. Procedures scheduled for 12/07/20 had to be rescheduled. Backups and workarounds enabled the hospital to keep functioning as the attack was investigated and mitigated. Recovery is ongoing.

How it Could Affect Your Business: Ransomware is increasingly being used as a way to cause operational disruptions instead of just snatching data, complicating its impact.

United States – AspenPointe

Exploit: Unauthorized Database Access
AspenPointe: Healthcare Non-Profit 

Risk to Small Business: AspenPointe has disclosed a large data breach that exposed personally identifying information (PII) of patients working with non-profit organizations that it manages including participants in its mental health and substance misuse programs. The unauthorized access took place in early September 2020 and it’s unclear how much data was stolen. AspenPointe is a nonprofit funded by Medicaid, state, federal, and local government contracts, as well as donations, that manages 12 organizations providing care and counseling in Colorado.

How it Could Affect Your Business:  Data breaches at any business are bad news, but at a business like this, it’s a nightmare. Not only will AspenPointe have to deal with the corporate fallout, but regulators are also going to come calling with fines as well, making this incident extra expensive.

United States – Philabundance

Exploit: Business Email Compromise
Philabundance: Hunger Relief Non-Profit

Risk to Small Business: Hunger relief charity Philabundance got bilked by BEC scammers at the worst possible time. The charity, which fed 54,700 Philadelphians weekly in 2019, is now feeding 134,800 people each week. This incident occurred when the organization paid a construction bill of over $923,000 for a new $12 million facility built in North Philly for its Community Kitchen program, only to discover that they’d paid scammers instead. It’s believed that the con was enabled by a hack on the charity’s computer systems in July that enabled scammers to divert legitimate email from the construction company and replace it with their own fakes. Philabundance says that daily operations will not be impacted by the incident, but it remains a huge problem for this organization at a time when so many Americans rely on programs like this to keep their families fed.

How it Could Affect Your Business: Business email compromise scams are some of the thorniest problems that every business faces. Good regularly refreshed security awareness training will help employees spot and stop BEC scams.

United States – Kmart

Exploit: Ransomware
Kmart: Retail Store Chain

Risk to Small Business: Already beleaguered retailer Kmart did not need the extra complications that came with the Egregor ransomware attack that was delivered to their door. The incident has encrypted devices and servers connected to the company’s networks, knocking out back-end services and corporate operations functions. Retail stores are operating normally, and no consumer impact has been reported.

How it Could Affect Your Business: Ransomware is a disaster for any business, but it’s an especially cruel problem for a non-profit these days.