Please fill in the form below to subscribe to our blog

The Week in Breach News: 01/10/24 – 01/16/24

January 17, 2024

This week: Bad actors hit a water charity, a misconfiguration leads to a big breach for an Australian travel agency, our new eBook Why Small Businesses Need a Smarter SOC and a look at the top strategic priorities that MSPs should be considering in 2024.


In The Educator’s Guide to Cybersecurity, see the cyber threats that schools face & how to mitigate them. DOWNLOAD IT>>



HMG Healthcare

https://www.scmagazine.com/brief/data-breach-at-hmg-healthcare-hits-dozens-of-facilities

Exploit: Hacking

HMG Healthcare: Healthcare Services Provider

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.702 = Severe

Texas-based HMG Healthcare is informing patients and their families that it has experienced a data breach that impacts the personal health information of employees and residents at 40 affiliated nursing facilities. HMG said that it first discovered the intrusion in November 2023, but an investigation determined that the data breach occurred in August 2023. Exposed data includes names, contact information, dates of birth, health information, medical treatment details, Social Security numbers and employee records.

How It Could Affect Your Customers’ Business: Healthcare data breaches are punishingly expensive from incident response to the penalties regulators slap on a company.

Kaseya to the Rescue: An endpoint detection and response solution can help businesses stop the spread of a cyberattack fast. This checklist helps you find the right one. DOWNLOAD IT>>


Water for People

https://therecord.media/water-for-people-medusa-ransomware

Exploit: Ransomware

Water for People: Non-Profit

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.591 = Severe

Water for People, a Colorado-based non-profit that works to provide access to clean water and sanitation in under-resourced countries, has been added to the website of the Medusa ransomware gang. The gang is demanding a $300k ransom. A spokesperson for Water for People said that the bad actors accessed data from before 2021, did not compromise the non-profit’s financial systems and no business operations were impacted. Philanthropist MacKenzie Scott, once married to Amazon founder Jeff Bezos, recently granted the non-profit $15 million toward its effort to improve water access for more than 200 million people over the next eight years. 

How It Could Affect Your Customers’ Business: Attacking a service provider can be a great play for bad actors looking for a quick payday or a backdoor into another organization’s network.

Kaseya to the Rescue:  See how security awareness training helps keep cybersecurity threats from becoming cybersecurity disasters. DOWNLOAD INFOGRAPHIC>>


KAS_eBook-Cybersecurity-Survey-2023_Resource

See the challenges companies face & how they’re overcoming them in The Kaseya Security Survey Report 2023 DOWNLOAD IT>>



Toronto Zoo

https://www.cbc.ca/news/canada/toronto/what-you-need-to-know-about-the-zoo-cyber-attack-1.7078831

Exploit: Hacking

Toronto Zoo: Zoo

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.703 = Moderate

The Toronto Zoo announced it’s been hit by a ransomware attack. The January 5 attack impacted some of the zoo’s systems. Officials were quick to reassure the public that animal care and welfare were not affected. The zoo said it is investigating to determine if guest, member or donor records might be impacted. It also said that online ticket purchases and the zoo’s website are still functioning. Zoo officials also reminded the public that it doesn’t have any credit card information stored on hand. 

How It Could Affect Your Customers’ Business: No institution or organization is immune to the depredations of cybercriminals.

Kaseya to the Rescue: Learn about the growing list of cybersecurity challenges that organizations face in the Kaseya Security Survey Report 2023. DOWNLOAD IT>>


Midwives of Windsor

https://www.cbc.ca/news/canada/windsor/midwives-windsor-email-breach-1.7075507

Exploit: Email Account Compromise

Midwives of Windsor: Medical Association

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.762 = Severe

The Midwives of Windsor, a maternity healthcare provider, has disclosed that it has experienced a data breach. The association said that it discovered that an unauthorized party gained entry to an employee email account in April 2023, giving them access to client data. The client information compromised includes a patient’s name, mailing address, email address, telephone number, date of birth, information regarding your pregnancy, treatment/diagnosis information, prescription information, patient ID and health insurance information. That patient’s child’s name and date of birth may have also been exposed. 

How It Could Affect Your Customers’ Business: Healthcare data is a sought-after commodity for bad actors because it is still profitable.

Kaseya to the Rescue:  Read our case studies to see how MSPs and businesses have overcome their cybersecurity challenges with the solutions in Kaseya’s Security Suite. EXPLORE CASE STUDIES>>


The Memorial University of Newfoundland (MUN)

https://www.bleepingcomputer.com/news/security/memorial-university-recovers-from-cyberattack-delays-semester-start/

Exploit: Hacking 

The Memorial University of Newfoundland (MUN): Institution of Higher Learning

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.423 = Extreme

The largest public university in Atlantic Canada, Memorial University of Newfoundland (MUN), has experienced a cyberattack that has impacted its operations, causing one of its campuses to delay learning. Officials said that the college discovered the attack on December 29 and activated security protocols that included isolating impacted systems to prevent further damage. Grenfell campus was the hardest hit. As a result, the start of classes, in person and remote, was postponed from January 4 to January 8. Internet and WiFi for resident students and payment terminals for credit and debit card transactions are also not working. Services at the Marine Institute campus have been fully restored.  

How it Could Affect Your Customers’ Business: Education was the top sector for ransomware attacks in 2023, a trend that looks set to continue.

Kaseya to the Rescue:  This infographic shows you the benefits businesses gain by choosing a managed security operations center instead of building their own. DOWNLOAD IT>> 


an ominously dark image of a hacker in a blue grey hoodie with the face obscured.

Explore the nuts and bolts of ransomware and see how a business falls victim to an attack. GET EBOOK>>



UK – Lush

https://therecord.media/british-cosmetics-lush-cyberattack

Exploit: Ransomware

Lush: Cosmetics and Personal Care Retailer

1.51 – 2.49 = Severe Risk

Risk to Business: 1.736 = Severe

Beloved British retailer Lush has disclosed that it is experiencing a cyber incident that is widely believed to be a ransomware attack. The company said in a statement that a comprehensive investigation is underway utilizing external IT forensic specialists. Lush has not disclosed what if any, data was stolen by the attackers or the extent that it expects that the incident will impact its operations.  

How it Could Affect Your Customers’ Business: Retailers are prime targets for bad actors, especially ransomware gangs seeking a quick profit by disrupting their operations.

Kaseya to the Rescue: Learn how Datto EDR with Ransomware Rollback helps organizations including medical centers recover from ransomware faster. REGISTER NOW>>   


Every business faces insider risk, from employee mistakes to malicious acts. Learn how to mitigate it. DOWNLOAD EBOOK>>



Australia – Hal Leonard Australia

https://www.cyberdaily.au/security/10024-print-music-giant-hal-leonard-australia-falls-victim-to-qilin-ransomware

Exploit: Ransomware

Hal Leonard Australia: Music Publisher

1.51 – 2.49 = Severe Risk

Risk to Business: 2.736 = Moderate

Printed music publishing company Hal Leonard Australia, the subsidiary of a US-based parent company also called Hal Leonard, has fallen victim to a ransomware attack. The Qilin ransomware gang has claimed responsibility for the attack, subsequently sharing 37.6 GB of the company’s data online last week. That data included a full list of Hal Leonard employees along with their contact information and ranking. Also included were emails regarding credit details with third-party customers, debt notices and banking summaries. Hal Leonard sells sheet music for well-known acts including The Beatles, Miles Davis, Irving Berlin and Stevie Wonder. 

How it Could Affect Your Customers’ Business: Data thieves don’t just want financial or personal data; stolen intellectual property also has the potential for a big profit.

Kaseya to the Rescue: Every organization needs to be ready for trouble with an incident response plan in place. This checklist can help. DOWNLOAD CHECKLIST>> 


Australia – Inspiring Vacations

https://www.hackread.com/aussie-travel-agency-data-leak-tourists-at-risk/

Exploit: Misconfiguration

Inspiring Vacations: Travel Agency

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.433 = Extreme

A misconfiguration is to blame for a data breach at Inspiring Vacations, a Melbourne-based travel agency. Most of the victims are Australian citizens, but identification documents from New Zealand, the United Kingdom and Ireland were also exposed. Altogether, the database contained information about 13,684 customers, including names, email addresses, trip costs, and destinations, contained in 48 Excel spreadsheets. It also contained 24,000 itinerary and e-ticket documents, some showing partial credit card numbers, and internal company documents, including 17,000 tax invoices to partners and affiliates.

How it Could Affect Your Customers’ Business: Human error can quickly cause expensive cybersecurity trouble like this.

Kaseya to the Rescue: Learn more about what cybercriminals are looking for and how they make a profit in our infographic 5 Ways the Dark Web Endangers Businesses. DOWNLOAD IT>>



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident


dark web threats represented by a hacker in a hoodie shrouded in shadows with faint binary code

Find out about five of today’s biggest dark web threats to businesses in this infographic. DOWNLOAD IT>>



 Watch on-demand product demo videos now


Did you know that you can watch on-demand videos that show you the features of our security solutions? Watch them now to learn more about the benefits they bring to businesses and MSPs.

Watch a Graphus demo WATCH NOW>>

Watch demos of BullPhish ID and DarkWeb ID WATCH NOW>>

Watch a demo of RocketCyber Managed SOC WATCH NOW>>


How much is data really worth on the dark web? Find out in The IT Professionals Guide to the Dark Web! GET EBOOK>>



Get your “Why Small Businesses Need a Smarter SOC” eBook


Cyber threats are constantly evolving and growing more sophisticated. At the same time, the cybersecurity talent shortage makes it impossible for MSPs and businesses to find the personnel they need to run a security operations center (SOC). Download our new eBook and learn how to overcome these barriers.
See how a managed SOC can help you:

  • Implement robust cybersecurity practices
  • Tailor security services to fit any company or MSP’s needs
  • Understand and thwart cyber threats
  • Future-proof businesses against emerging risks

DOWNLOAD IT NOW>>

Did you miss: The Comprehensive Guide to Ransomware & Phishing for K-12 Schools? DOWNLOAD IT>>


Learn how managed SOC gives you big security expertise on call 24/7without the big price tag. LEARN MORE>>



This is the top priority for successful MSPs in 2024


This is the time of year in which businesses lay the groundwork to ensure a year of prosperity ahead. As we step into 2024, Managed Service Providers (MSPs) are faced with the task of not only meeting current demands but also anticipating future trends. From technological advancements to client relationship management, the road to success in 2024 requires a proactive and forward-thinking approach. For MSPs, strategic preparation is key to navigating the evolving landscape of technology and client expectations. We polled 1,575 for Datto’s Global State of the MSP Report: Trends and Forecasts for 2024 about their strategic priorities and the trends they expect to see in 2024.



These are 8 major priorities for successful MSPs in 2024


Several key trends and findings from our report offer valuable insights for MSPs seeking to thrive in an evolving landscape. Successful MSPs will put these actionable items at the top of their priority lists this year.

Embrace vendor consolidation: Building strong strategic partnerships with a select few technology vendors can lead to efficiency gains, cost-effectiveness and improved service quality. While it may not be practical to rely on just one vendor, focusing on fewer vendors can streamline your supply chain, optimize procurement and simplify vendor management.  

Leverage the power of recurring revenue: The majority of MSPs are experiencing revenue growth, primarily driven by monthly recurring revenue (MRR). Consider strengthening your MRR model as it ensures a consistent and predictable revenue stream. While smaller MSPs may occasionally use break-fix or project fees, MRR remains the prevailing model for mature and larger MSPs.  

Enhance the customer experience: With increased competition, delivering an exceptional customer experience is paramount. Focus on providing outstanding service to stand out in a saturated market. It is now as important as revenue growth and should be a top strategic priority.   

Expand your service portfolio: Consider adding new services such as collaboration software, penetration testing, self-service capabilities and storage design and implementation. These represent significant growth opportunities for MSPs in 2024. 


IDA-CL-Top-5-Cyberthreats-Schools-Face_Resource

Learn about the top cyber threats K-12 schools face and how to mitigate them. DOWNLOAD INFOGRAPHIC>>


Stay compliant: In an ever-changing business landscape, staying up to date on compliance regulations is crucial. Ensure that your MSP is well-versed in compliance must-haves to support your clients effectively, like security awareness training requirements.  

Embrace cloud migration: Be prepared for the continued shift of client workloads to the cloud. Invest in skills and resources to manage cloud services effectively. Anticipate your clients’ needs for cloud services like Amazon AWS, Microsoft Azure and Google Cloud.  

Address cybersecurity concerns: With cybersecurity still a top concern, investing in solutions to protect against computer viruses, phishing, endpoint threats and password compromises is vital. Hiring skilled cybersecurity professionals and managing the complexity of cybersecurity products is essential as well. 

Adapt to the hybrid workplace: Recognize the ongoing importance of supporting hybrid work models. Offer solutions and services that cater to clients’ evolving workplace needs. Continuously innovate: Continually innovate to differentiate yourself in a competitive landscape. Keep an eye on emerging technologies and trends that can benefit your clients and your business 


See why choosing a smarter SOC is a smart business decision. DOWNLOAD AN EBOOK>>


Set your course for success now


MSPs are juggling a multitude of strategic priorities in a world that is already loading them up with stressors like the potential for disastrous cyberattacks on their clients. Enhancing the customer experience and growing revenue, which tied in first place as the top strategic priority among respondents in North America. The competitive landscape has amplified the importance of providing exceptional service to clients as a means of standing out in a saturated industry. In today’s competitive marketplace, the top way for MSPs to differentiate their business from a rival’s is to provide an exceptional customer experience.  

Source: Datto Global State of the MSP Report: Trends and Forecasts for 2024


a red fish hook on dark blue semitransparent background superimposed over an image of a caucasian man's hands typing on a laptop in shades of blue gray

Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>


The customer experience is king 


In our survey, we delved into the concept of customer experience within the MSP landscape. We sought to understand what “customer experience” truly signifies to MSPs and why it demands enhancement. For 44% of respondents, improving the customer experience emerged as the top priority, signifying its pivotal role. An additional 47% regarded it as a high-priority endeavor. Not a single MSP we surveyed stated that improving the customer experience was not a priority at all. When we looked further into the reasons behind this intense focus, we found several interconnected factors at play. MSPs recognize that the modern IT landscape is fiercely competitive, and delivering a superlative customer experience is their means of standing out. The risk of client churn looms, as clients grow more nervous about cybersecurity and other factors, making it essential to not only retain current clients but also attract new ones. It’s clear that, for MSPs, improving the customer experience isn’t merely a box to check; it’s a strategic initiative born out of the need to thrive in a demanding market. 

Source: Datto Global State of the MSP Report: Trends and Forecasts for 2024


See why EDR is the perfect investment to make in your future right now in our buyer’s guide. DOWNLOAD IT>>


MSPs plan to add major revenue driverrs in the next 12 months 


MSPs are keen to expand their service portfolios further and diversify their offerings to capture as much ground as possible in a fiercely competitive market. Adding services also opens up new wells of revenue, especially hot security services like penetration testing. The top services that respondents anticipate adding to their portfolios in 2024 include collaboration software, business intelligence or analytics software, and incidence response and forensics. 

Source: Datto Global State of the MSP Report: Trends and Forecasts for 2024


Explore how AI technology helps businesses mount a strong defense against phishing GET INFOGRAPHIC>>


Find the solutions you need to grow your MSP in Kaseya’s Security Suite


Kaseya’s Security Suite is the ideal addition to any MSPs offering. Our suite of powerful, integrated solutions offers MSPs and businesses the security tools that they need to avoid cyber trouble and protect their bottom line from the punishing cost of cybercrime. 

BullPhish ID — This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.    

Dark Web ID — Our award-winning dark web monitoring solution is the channel leader for a good reason: it provides the greatest amount of protection around with 24/7/365 human and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.   

Graphus — Automated email security is a cutting-edge solution that puts three layers of AI-powered protection between employees and phishing messages. It works equally well as a standalone email security solution or supercharges your Microsoft 365 and Google Workspace email security.     

Kaseya Managed SOC powered by RocketCyber — Our managed cybersecurity detection and response solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.     

Datto EDR — Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require).     

Vonahi Penetration Testing – How sturdy are your cyber defenses? Find out with vPenTest, a SaaS platform that makes getting the best network penetration test easy and affordable for internal IT teams.  


Follow the path to see how Managed SOC heroically defends businesses from cyberattacks. GET INFOGRAPHIC>>



ID Agent & Graphus Q1 Product Innovation

January 30 | 1 PM ET / 10 AM PT 

Join us on January 30 to find out about new time-saving product integrations and the newest features and enhancements for BullPhish ID, Dark Web ID, Passly and Graphus. Learn about the Graphus Personal Spam Filter, helpful integrations between our Security products and Compliance Manager GRC, Autotask and AudIT and so much more! REGISTER NOW>>

January 28 – 30: Schnizzfest (Arizona) REGISTER NOW>>

April 29 – May 2: Kaseya Connect Global (Las Vegas) REGISTER NOW>>

June 11 – 13: Kaseya DattoCon Europe (Dublin) REGISTER NOW>>

October 28 – 30: Kaseya DattoCon (Miami) REGISTER NOW>>

November 12 – 14: Kaseya DattoCon APAC (Sydney) REGISTER NOW>>


dark web threats

Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>


Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!


let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!

LEARN MORE>>


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>


Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!

SCHEDULE IT NOW>>