Hacks, Attacks and Breaches: 2/3/2021 to 2/9/2021
Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Exploit: Third Party Data Breach
Washington State Auditor: Regional Government Regulator
Risk to Small Business: The unemployment claims data of more than 1 million people in Washington State has been reported as stolen in a hack of software used by the state auditor’s office. The State announced the breach after receiving notice that it was involved through a third-party service provider, Accellion, a software provider the auditor’s office uses to transfer large computer files. the breach affects the personal information of people who filed for unemployment claims with the Washington Employment Security Department (ESD) between Jan. 1, 2020, and Dec. 10, 2020, and included a total of 1.6 million claims. Those claims represent at least 1.47 million individuals, according to data from the ESD website.
How it Could Affect Your Business: Data like this is sought-after by cybercriminals to power phishing operations. Unfortunately for these folks, it often hangs around for years on the Dark Web, acting as fuel for future cybercrime.
DSC Logistics: Shipping and Freight Logistics
Risk to Small Business: DSC logistics received an unwelcome delivery of Egregor ransomware. The attack was announced on the gang’s ransomware site. The company noted that it was successfully able to continue operations without incident. DSC has called in outside experts to investigate and declined to comment on whether any data was stolen.
How it Could Affect Your Business: Ransomware has been a plague on every industry, but freight and logistics companies have been hit especially hard in recent months.
DriveSure: Customer Retention Platform
Risk to Small Business: Hackers dropped data on 3.2 million DriveSure users on the Raidforums hacking boards late in January. One leaked folder totaled 22 gigabytes and included the company’s MySQL databases, exposing 91 sensitive databases. The databases range from detailed dealership and inventory information, revenue data, reports, claims and client data. A second compromised folder contained 11,474 files in 105 folders and totals 5.93 GB, likely a repository of backup data.
How it Could Affect Your Business: Data isn’t always stolen via ransomware – sometimes it’s just old-fashioned hacking. That’s one reason why it’s essential to use a secure identity and access management solution to keep hackers locked out.
WestRock: Packaging Manufacturer
Risk to Small Business: Packaging giant WestRock has experienced a ransomware attack that has impacted both its manufacturing and IT environments, severely impacting production. The company has noted in an announcement to shareholders that it expects that continued delays during the recovery and cleanup process are expected.
How it Could Affect Your Business: Ransomware can be especially devastating to manufacturing companies by not just impacting office business but halting production, leading to a cascade effect.
SN Servicing Company: Mortgage Loan Services
Risk to Small Business: SN Servicing, the California-based servicing arm of Security National Master Holding Company, disclosed a data breach impacting clients in Vermont and California. The incident was also reported by the Egregor ransomware gang. SN Servicing says that it has engaged a third-party team of investigators to determine the scope of the incident.
How it Could Affect Your Business: Ransomware is around every corner these days, and just one mis click on a phishing email can spell disaster.