Please fill in the form below to subscribe to our blog

The Week in Breach News: 01/06/20 – 01/12/21

January 13, 2021

This Week in Breach News:

Multiple healthcare targets receive an unwelcome diagnosis of ransomware, start your journey on the road to cyber resilience with our newest eBook, and learn more about why data breach danger is ratcheting up for every business and how you can better secure your customers from the onslaught. 


Dark Web ID’s Top Threats This Week


Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Education & Research
Top Employee Count: 501+



The Week in Breach News – United States 


United States – Lake Regional Healthcare

https://www.beckershospitalreview.com/cybersecurity/minnesota-health-system-hit-by-ransomware-attack-4-details.html

Exploit: Ransomware

Lake Regional Healthcare: Hospital System

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.919 = Severe

A ransomware attack at this Minnesota healthcare system on December 30 led to impacts in patient care as the hospital was forced to adopt downtime procedures. Most impacted systems have been restored and the incident is under investigation.

Individual Risk: No personal or consumer information was reported as impacted in this incident at this time but the incident is still under investigation.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is an increasingly popular option for cybercriminals looking to disrupt operations to score a quick payday from a much-needed service provider or manufacturer.

ID Agent to the Rescue: Ransomware risks are growing every day in every industry. Get your business ready to fight back against ransomware threats with our eBook “Ransomware 101”. GET THE BOOK>>


United States – OmniTRAX

https://www.freightwaves.com/news/ransomware-attack-hits-short-line-rail-operator-omnitrax

Exploit: Ransomware

OmniTRAX: Short Line Railway 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.172 = Severe

Conti ransomware is to blame for a major information theft at OmniTRAX and parent company Broe Group. Although rail and freight operations were not disrupted, proprietary data was stolen. The 70 gigabytes of leaked files presented by the gang include internal OmniTRAX documents and clearly showed that data came from the contents of individual employee work computers. It was not clear if it included data pertaining to OmniTRAX’s rail operations or its customers.

Individual Risk: No personal or consumer information was reported as impacted in this incident at this time but the incident is still under investigation.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Just one stolen or cracked password can wreak havoc on a company and its subsidiaries, leading to extensive (and expensive) recovery operations.

ID Agent to the Rescue: Make sure that just a stolen password won’t open your door with secure identity and access management using Passly that seamlessly integrates with more than 1k apps. SCHEDULE A DEMO>>


United States – Apex Laboratory

https://hotforsecurity.bitdefender.com/blog/apex-laboratory-confirms-ransomware-gang-stole-patient-info-in-cyberattack-25002.html

Exploit:  Ransomware

Apex Laboratories: Consumer Medical Testing 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.783 = Severe

Apex Laboratories definitely got a result that they weren’t expecting when DoppelPaymer ransomware popped up on December 15, snatching a large quantity of data. The attack resulted in the exfiltration of thousands of documents containing both protected health information of patients and personally identifiable information of Apex employees.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.166 = Severe

The data impacted is estimated to include patient names, dates of birth, test results, and some Social Security and phone numbers. The company is notifying affected patients. Apex employees and clients should be cautious about potential spear phishing email using this information.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware has been an especially pernicious menace to healthcare targets throughout the pandemic, and that’s not slowing down.

ID Agent to the Rescue: Ransomware is almost always the cargo of a poisonous phishing email. BullPhish ID helps companies enlist every staffer in the fight against ransomware. SEE BULLPHISH ID IN ACTION>>



The Week in Breach News – Canada


Canada – Aurora Cannabis

https://www.bleepingcomputer.com/news/security/t-mobile-data-breach-exposed-phone-numbers-call-records/

Exploit: Unauthorized Access

Aurora Cannabis: Marijuana Dispensary Chain 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.664 = Severe

An email sent to an ex-employee of Aurora Cannabis uncovered a data breach affecting the personally identifiable information of the company’s current and past employees. It appears that the data was captured after unauthorized parties accessed the company’s SharePoint and OneDrive. The incident is still being untangled, as conflicting reports crop up about what information was stolen.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.580 = Severe

The actual details about the stolen data are unclear but are reported to include employee and former employee PII, credit card information, government identification, home addresses and banking details.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: It’s not all ransomware these days – good old-fashioned hacking is still a risk that every business faces. When information like this makes its way to the Dark Web, it makes hackers’ jobs easier.

ID Agent to the Rescue: Are your company credentials just waiting to be found in Dark Web data markets? Find out before cybercriminals do with 24/7/365 Dark Web monitoring. SEE DARK WEB ID IN ACTION>>


Canada – Communauto

https://montrealgazette.com/news/local-news/communauto-hit-by-cyber-attack 

Exploit: Ransomware

Communauto: Car Sharing Service 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.918 = Severe

A ransomware attack brought many of Communauto’s business side activities to a halt, causing delays in the management of accounts payable and invoicing. Proprietary data and some client PII was stolen, but no user credit card data was impacted. The company elected to pay the ransom and announced that the gang had agreed to destroy the information.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.033 = Severe

The personal information of some of its clients, including member numbers, names, email addresses, street addresses and account identifying details was compromised. Clients of Communauto should be wary of possible spear phishing attempts.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware threats have grown as the economy has contracted, leaving ransomware gangs to look farther afield for targets. They’re aided and abetted by huge lists of passwords that give hackers what they need to find and exploit security weaknesses to slip malware into systems.

ID Agent to the Rescue: How good are your passwords? Take a deep dive into the complexities of creating strong passwords and how you can make stronger passwords to foil hackers with our fresh Build Better Passwords eBook. GET THE BOOK>>


United States – Dassault Falcon Jet

https://securityaffairs.co/wordpress/113216/data-breach/dassault-falcon-data-breach.html

Exploit: Ransomware

Dassault Falcon Jet: Aviation Manufacturing 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.127 = Severe

Dassault Falcon Jet, a division of French conglomerate Dassault Aviation, was hit by the Ragnar Locker ransomware gang, resulting in extensive data theft. Bad actors made off with employee information, but no proprietary data theft was reported in the incident.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.702 = Severe

Extensive PII was exposed for current and former employees and their families including names, personal and company email address, personal mailing address, employee ID number, driver’s license number, passport information, financial account number, Social Security number, date of birth, work location, compensation and benefit enrollment information, and date of employment.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is no joke, and it has been increasingly pointed at manufacturing targets to both steal data and impact production, especially dangerous when a company manufactures assets like planes.

ID Agent to the Rescue: Improve phishing resistance training with BullPhish ID to improve any company’s defense against ransomware. SEE BULLPHISH ID AT WORK>>



The Week in Breach News – United Kingdom & European Union


United Kingdom – Amey Plc

https://www.constructionnews.co.uk/contractors/amey/amey-hit-by-cyber-attack-05-01-2021/

Exploit: Ransomware

Amey Plc: Infrastructure Builder

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.631 = Severe

Venerable construction company Amey was hit by a ransomware attack in late December, attributed to the Mount Locker ransomware gang. The gang has begun leaking a trove of documents including contracts, bank statements and loan records, confidential partnership agreements, NDAs, correspondence between Amey and UK government departments and councils, and technical blueprints

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.221 = Severe

Employee data impacted in this breach includes scans of passports, driving licenses, and identity documents of company employees and directors, financial reports, employment records (new hire offers and resignation letters) and meeting notes.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: It only takes one ransomware attack to blow up your budget for the year, and it’s still early! Don’t leave anything to chance – put as much protection as you can in place to repel ransomware attacks.

ID Agent to the Rescue: Are your customers waffling about whether or not they really need security upgrades? Let us help you seal the deal to get them the protection they need with Goal Assist. LEARN MORE>>



The Week in Breach News – Australia & New Zealand


New Zealand – The Reserve Bank of New Zealand

https://www.dw.com/en/new-zealand-central-bank-hit-by-cyberattack/a-56184575

Exploit: Ransomware

The Reserve Bank of New Zealand: Central Government Bank 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.827 = Severe

The Reserve Bank of New Zealand (RBNZ) announced that it has experienced a data breach as a result of an unauthorized access incident at a third-party file-sharing service used by the bank to share and store some sensitive information. The nature and extent of information that has been potentially accessed is still being determined

Individual Impact: There is no confirmed information about the nature of this stolen data, but it may include some commercially and personally sensitive information.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is a favored weapon for both run-of-the-mill cybercriminals and nation-state hackers – and no organization is too big or too small to fall victim to ransomware.

ID Agent to the Rescue: Every business is at risk of ransomware via phishing. Phishing resistance training works, but only if you refresh it at least quarterly. Fortunately, BullPhish ID gives you plenty of options for fresh training material. LEARN MORE>>


Australia – Health and Community Services Union Tasmania

https://www.starobserver.com.au/news/tasmania-health-data-breach-sees-patient-hiv-status-published-online/199862

Exploit: Unsecured Database

Health and Community Services Union Tasmania: Regional Health Department 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.772 = Severe

A massive data exposure was uncovered at Tasmania’s Health department, leading to the exposure of some extremely sensitive information. Reports have surfaced that any person who called the State’s ambulance service starting in November 2020 have had their personal details posted publicly online. The data leak has since been addressed and is under investigation.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.811 = Severe

Reports say that over 26,000 pages of pager messages about patients between the ambulance service, dispatchers and healthcare personnel have been published including patients’ condition, personal details, addresses, HIV status, gender and age.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Security lapses like this aren’t just regrettable, they’re preventable. Failure to make sure that sensitive information is actually secure doesn’t speak well to any organization’s commitment to security.

ID Agent to the Rescue: Are you covering all of the right bases to secure sensitive information? Our Cybersecurity New year’s Resolutions checklist can help you keep data and systems safe in 2021. GET THE CHECKLIST>>



The Week in Breach News Guide to Our Risk Scores


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.


The Week in Breach: Added Intelligence


Go Inside the Ink to Get the Inside Scoop on Cybercrime

Every weekday, our blog features timely cybersecurity and breach news, problem-solving advice, and expert analysis of today’s threats, plus insight that helps you plan for tomorrow. Don’t miss it!



The Week in Breach: Resource Spotlight



Start Your Journey on the Road to Cyber Resilience


Pull into the fast lane and race to a cyber-resilient future with our new resource package. Our Road to Cyber Resilience Package featuring an eBook and infographic combo is perfect for learning about the benefits of building a cyber-resilient organization.

See why adding this flexibility to your security arsenal enables you to rapidly respond to unexpected threats from inside and outside your organization. Plus, our checklist will help you make sure that you’re hitting all the right stops as you journey toward a stronger, more resilient defense.

  • The Road to Cyber Resilience eBook – Speed your way to next-level cybersecurity when you learn more about why cyber resilience is a modern essential and how it saves businesses from disaster.
  • The Cybersecurity New Year’s Resolutions Checklist infographic – This is the perfect way to review the components of a winning cybersecurity strategy and see what you might need to add.
  • Learn how ID Agent’s award-winning solutions can help you build a more cyber resilient organization fast!

Download The Road to Cyber Resilience Resource Package now! DOWNLOAD IT>>



It’s the Last Week to Get on the Guest List for the Launch Party of the Year!


Ready to celebrate the relaunch of our award-winning phishing resistance training solution BullPhish ID? Join us on January 19, 2021, at 11 am ET to be among the first to see the new BullPhish ID! You told us that you needed a little bit more to make BullPhish ID perfect for every client, and we listened. Find out more about the new updates and upgrades that check off everything on your wish list. RESERVE YOUR SPOT>>



The Week in Breach: Featured Briefing


Data Breach Danger Has Majorly Ramped Up for Every Business 


Cybercrime has been steadily on the rise throughout the opandemic. Now that we’re starting to see some end-of-the-year numbers tallied, it’s becoming even more apparent that 2020 was a very dangerous year for business cybersecurity – and 2021 isn’t looking much better.

One stunning statistic that hops right out of the Ponemon Institute’s biannual Cyber Risk Index is the estimation that 1 in 4 firms worldwide faced 7 or more serious cyberattacks in 2020. That includes firms of every size – no business is too small to be at risk of a cyberattack. The top security risks within IT infrastructure that were cited by survey respondents were: organizational complexity and misalignment, negligent insiders, cloud infrastructure and providers, skills shortages and malicious insiders

Another important fact to remember: 83% of respondents thought that the chances of an attacker gaining a foothold inside their company’s networks or systems over the next year are “somewhat” or “very” likely. They’re not just being pessimistic – precipitate increases in cybercrime across the board bear this thinking out. The survey goes on to list the risks and types of cyberattacks that most concern businesses: phishing and social engineering, clickjacking, ransomware, fileless attacks, botnets and man-in-the-middle attacks.

Cleanup and recovery from a cybersecurity incident is becoming more expensive too. According to business insurer Hiscox, incident response from cyberattacks can cost businesses $200,000 on average for a single large incident. Even at SMBs, remediation and recovery costs from a data breach can easily climb into 6 figures for even a few small cybersecurity incidents per year – and many companies learned that lesson in 2020.

Our full suite of security solutions empowers you to handle many of these concerns for your clients quickly and easily. Just by adding secure identity and access management with Passly, your clients add several layers of strong protection to their vulnerable access points, including multifactor authentication, a superstar in security throughout 2020.

Regularly updated security awareness and phishing resistance training using BullPhish ID is essential for every business as well. We’re about to launch a slew of new, upgraded features and functionality for this key component of any cybersecurity plan. Companies that engage in regular cybersecurity training (at least quarterly) can have up to 70% fewer cybersecurity incidents each year.

Dark Web ID is another option that may not show obvious value to non-tech savvy clients, but it’s a clutch player for preventing credential compromise from giving cybercriminals an easy way into systems and data by exploiting compromised credentials. The 24/7/365 monitoring can help give clients peace of mind against Dark Web danger.

Experts predict that we’ll see as much as a 40% rise in data breaches in 2021. With this information about the explosion in risk for businesses of every stripe at hand, it’s easy to see why now is the perfect time to bring up to your clients the value of updating and upgrading cybersecurity solutions to mitigate these threats. While budgets are universally tight, the cost of just one cybersecurity incident like a ransomware attack will be much higher than the cost of the security upgrades that prevent it.

Don’t hesitate to contact the experts at ID Agent for assistance. We can walk you through the benefits of our solutions for your customers – we’ll even back you up on sales calls as part of the Goal Assist program that is available to our Partners to help you seal a tricky deal.



The Week in Breach: A Note for Your Customers


Don’t Let Employee Blind Spots Cost You a Fortune 


The number one cause of a data breach never changes – it’s always human error. No matter how savvy you may think your staffers are about cybersecurity, everyone has a blind spot. How can you find your employees’ blind spots and make sure that you’re covering all of your bases?

A recent report called Cyberchology: The Human Element details some of the unfortunate consequences that the sudden shift to remote work and the stress of the pandemic has brought to the table. The most striking observation? Just over 80% of companies experienced cybersecurity challenges due to human error in 2020.

While human error is always going to the top cause of a data breach or similar cybersecurity incident, you can take steps to reduce that possibility by creating an atmosphere for your employees that makes it okay, or even encouraged, to ask questions and learn more about cybersecurity. A well-informed, confident staff is your secret weapon against cybercrime.



A strong cybersecurity culture is rooted in accessible, up-to-date, easy to understand security awareness training that includes phishing resistance. It’s important to use tools like training with BullPhish ID as exercises that nourish your healthy cybersecurity culture, not punishments to be endured. That’s why we’re careful to include memorable, animated video lessons in our training content menu.

Making training pleasant and manageable for even your most tech-shy staffer helps foster a spirit of teamwork that has your staffers watching out for trouble to make sure that those blind spots are covered – because when every staffer is trained to spot and stop cybersecurity threats, everyone in your organization is on your defense team.


Get high-quality tools to help you connect with your customers with our free resources for marketing and education like eBooks, webinars, social media graphics, infographics, and more!

Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Just send an email to [email protected] to let us knowwe welcome your feedback and we love to hear about how our content works for you!

Ready to become an ID Agent Partner or learn more about our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID? Contact us today!