Hacks, Attacks and Breaches: 8/12/2020 to 8/18/2020
Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Michigan State University: Institution of Higher Learning
Risk to Small Business: Just in time for back to school, attackers were able to steal credit card and personal information from roughly 2,600 users of Michigan State University’s online store. Cybercriminals used malicious scripts designed to harvest and exfiltrate customers’ payment cards between Oct. 19, 2019, and June 26, 2020.
How it Could Affect Your Business: Magecart or skimming attacks are a regular tool of the trade for cybercriminals and the data that they collect often ends up for sale on the Dark Web.
Brown-Forman: Wine and Spirits Conglomerate
Risk to Small Business: REvil ransomware strikes again, this time at beverage giant Brown-Forman, the maker of Jack Daniel’s and other spirits. Although the company has been mum on the details of the attack aside from claiming it successfully prevented attackers from encrypting its files, the cybercriminal gang says that 1TB of corporate data is now in their hands and it will most likely be leaked online in batches.
How it Could Affect Your Business: Ransomware often makes its way into company inboxes in the form of a phishing email. Phishing resistance training must be a crucial component of any company’s cybersecurity strategy.
Exploit: Email Account Compromise
FHN: Healthcare System
Risk to Small Business: In a just disclosed incident, an unspecified “email account compromise” of “several” employee accounts resulted in a data breach that impacted patient PII at FHN healthcare facilities in Illinois. An unauthorized party was detected accessing employee email accounts on February 12 and 13. Information that may have been exposed in the breach included some patients’ names, dates of birth, medical record or patient account numbers, health insurance information, and limited treatment and/or clinical information, such as provider names, diagnoses, and medication information. In some instances, patients’ health insurance information and/or Social Security numbers were also identified as exposed in the compromised email accounts.
How it Could Affect Your Business: Not only will this cause customer anger, this breach will also incur a potentially substantial HIPPA violation penalty. Placing better protections, including multifactor authentication, on systems that handle sensitive data can prevent incidents like this from happening.
Exploit: Phishing/Accidental Data Sharing
SANS Institute: Cybersecurity Education and Certification
Risk to Small Business: Somebody needs to stay after class for extra tutoring at SANS Institute after an accidental data sharing incident led to a data breach that exposed over 28,000 PII records. The information was apparently mistakenly forwarded to an outside party. The forwarded emails included files that contained some subset of email, first name, last name, work title, company name, industry, address, and country of residence. One phishing email resulted in 513 emails full of PII being forwarded to the external address and malicious Office 365 add-on was also installed on the infected machine as part of the attack.
How it Could Affect Your Business: The most common delivery system for ransomware is a phishing email – and 90% of incidents that end in a data breach start with a phishing email. Boosting phishing resistance is essential to lower the chance of a successful ransomware attack.