The Week in Breach News: 02/12/25 – 02/18/25
This week: A big data breach at Finastra; ransomware rocks tribal casinos; an eBook to help make your case for Kaseya 365 User; and a look at outsmarting the social engineering aspect of phishing.
Read this week’s new featured blog: How You Can Outsmart Phishing
Kewadin Casinos
https://www.radioresultsnetwork.com/2025/02/10/237239/
Exploit: Ransomware
Industry: Travel & Leisure
The Soo Tribe of Chippewa and its Kewadin Casinos have been the victim of a cyberattack. All gaming operations shut down early last week. The attack also impacted multiple phone and computer systems across tribal administration, health centers and various businesses. A tribal spokesperson said that the tribal government is open in a limited capacity, and they are working with experts to assess and fix the damage but offered no timeline for restoration.
How It Could Affect Your Customers’ Business: Disruptions to tribal administration and gaming revenue highlight the importance of having a robust incident response and business continuity plan in place.
Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>
Attorney General of Virginia
Exploit: Hacking
Industry: Government
The Virginia Attorney General’s office was struck by a cyberattack this week that forced officials off the office’s computer systems. The chief deputy attorney general of the agency sent an email on Wednesday that said nearly all of its computer systems were offline including but not limited to Net Docs, Outlook, Teams, OAG Fileshare, VPN access and internet connectivity via the OAG network. Virginia State Police and other law enforcement officials are investigating the attack.
How It Could Affect Your Customers’ Business: The attack took down critical systems like email, file sharing and VPN access, demonstrating how cyber incidents can paralyze essential operations
Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from email-based threats in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>
Memorial Hospital
https://www.darkreading.com/cyber-risk/120k-victims-compromised-memorial-hospital-ransomware
Exploit: Ransomware
Industry: Healthcare
Memorial Hospital and Manor in Georgia is notifying 120,000 individuals that their personal information was stolen in a ransomware attack. The breach was first disclosed in November 2023 when the hospital reported system outages that forced staff to temporarily rely on pen and paper for patient records. Following the attack, Memorial engaged cybersecurity experts and launched a forensic investigation to assess the scope of the breach. The Embargo ransomware group has claimed responsibility, alleging it exfiltrated 1.15 terabytes of data from the hospital’s systems.
How It Could Affect Your Customers’ Business: Hospitals store vast amounts of sensitive patient data, making them attractive targets for cybercriminals.
Kaseya to the Rescue: Our 10 Tips for Successful Employee Security Awareness Training infographic can help you maximize the effectiveness of your security awareness training efforts. DOWNLOAD IT>>
Feeling overwhelmed by your task list? Discover four strategies for reducing your workload! GET INFOGRAPHIC>>
UK – Finastra
https://www.securityweek.com/finastra-starts-notifying-people-impacted-by-recent-data-breach
Exploit: Hacking
Industry: Banking & Finance
British fintech giant Finastra began notifying individuals last week whose personal information was stolen in a recent data breach. A hacker claimed responsibility for the theft of 400 GB of data, which was allegedly taken from the company’s systems and offered on an underground forum. The breach occurred between October 31 and November 8, 2024, when the attacker accessed an internal secure file transfer platform multiple times, exfiltrating files containing personal and financial account information. Finastra is offering affected individuals two years of free identity protection and credit monitoring services. While the company has not disclosed the number of impacted individuals or further details on the attack, it confirmed that no ransomware or malware was involved.
How It Could Affect Your Customers’ Business: This is the second cyber incident that Finstra has experienced recently, highlighting the importance of robust security.
Kaseya to the Rescue: Maximize your security on a lean budget with the insights you’ll find in our infographic 5 Ways to Squeeze More From a Tight Security Budget. DOWNLOAD IT>>
Uncover today’s worst phishing threats and see smart strategies to keep businesses out of trouble. GET EBOOK>>
Japan – Nippon Steel
https://cybernews.com/news/nippon-steel-claimed-by-bianlian-ransomware-group
Exploit: Ransomware
Industry: Manufacturing
Nippon Steel, the world’s fourth-largest crude steel producer, has allegedly fallen victim to a ransomware attack by the BianLian ransomware group. On Thursday, the group listed the Tokyo-based company on its dark leak site, claiming to have stolen 500 GB of data from Nippon’s U.S. division networks. BianLian asserts it has exfiltrated a wide range of sensitive information, including accounting records, client financial data, executives’ personal folders, file server data, production details and personnel files. Additionally, the group leaked personal contact information such as direct phone numbers for the company’s C-suite executives. The breach comes at a particularly challenging time for Nippon Steel, as it navigates a complex $15 billion merger with U.S. Steel.
How it Could Affect Your Customers’ Business: Bad actors can snatch more than just business data in an attack – executives’ personal data may also be at risk.
Kaseya to the Rescue: Watch this webinar to explore Kaseya 365 User, our latest innovation to empower small and midsize businesses to maximize security while boosting productivity. LEARN MORE>>
Taiwan – Unimicron
Exploit: Ransomware
Industry: Manufacturing
Unimicron, a global leader in printed circuit board (PCB) manufacturing, has confirmed it was hit by a ransomware attack on January 30. The company enlisted a third-party cyber forensic team to assess and defend its IT infrastructure, stating that the anticipated impact or loss from the attack was “limited.” The ransomware group Sarcoma has claimed responsibility for the attack. The group reportedly posted samples of stolen files and threatened to release the full cache unless a ransom is paid. They claim to have stolen 377 GB of SQL files and documents.
How it Could Affect Your Customers’ Business: Ransomware groups are just as happy to acquire business proprietary data like network maps, blueprints and research as personal and financial data.
Kaseya to the Rescue: Take a deep dive into the players that shape dark web commerce today in our eBook State of the Dark Web. DOWNLOAD IT>>
China – Mars Hydro
Exploit: Human Error
Industry: Manufacturing
Mars Hydro, a Chinese company that manufactures a range of Internet of Things (IoT) devices, including LED lights and hydroponics equipment, has experienced a significant data breach. Security researchers discovered an unprotected database online containing nearly 2.7 billion records. The exposed data includes Wi-Fi network names, passwords, IP addresses, device numbers and more. Many of the company’s products are controlled by internet-connected devices, such as smartphones and information related to these devices was also included in the breach.
How it Could Affect Your Customers’ Business: It is critical to ensure that employees are properly trained in data security best practices to prevent errors.
Kaseya to the Rescue: Learn how to mitigate the security risks that come from the actions of both accidental and malicious insider risk in our Guide to Reducing Insider Risk. DOWNLOAD IT>>
Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>
Read this week’s feature story: How You Can Outsmart Phishing
Cybercriminals have many psychological tricks up their sleeves to hook unwary employees. Discover how security awareness training and phishing simulations can help you stay one step ahead of cybercriminals and strengthen your human firewall. READ IT>>
Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>
Learn How to Maximize Security and Savings With Kaseya 365 User
Small and midsize businesses face increasing cyber threats and tight budgets. Discover how Kaseya 365 User can help you protect sensitive data, manage security risks and improve IT efficiency without overspending. In this on-demand session, you’ll learn how to:
- Save money with a low-cost, all-in-one subscription.
- Boost productivity with an integrated, automated platform.
- Secure data and credentials with essential tools to prevent, respond to and recover from attacks.
Watch the webinar now! WATCH IT>>
Make Your Case for Upgrading User Protection
You know that upgrading user protection is a smart move, but can you demonstrate that to budget controllers? Get the information you need to make your case in our eBook, Kaseya 365 User Business Case: Redefining User Protection for the Modern Workforce. Download this eBook now to learn:
- The key benefits businesses gain from choosing Kaseya 365 User.
- How Kaseya 365 User helps prevent, respond to, and recover from user-based threats.
- How this subscription reduces costs, streamlines security and protects users and data across SaaS applications like Microsoft 365 and Google Workspace.
Don’t wait – get this eBook now! DOWNLOAD IT>>
Did you miss… our infographic 4 Smart Moves to Reduce Your IT Cybersecurity Workload? DOWNLOAD IT>>
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
Don’t Miss the Kaseya Compliance Summit in Washington D.C.
Join us at the Kaseya Compliance Summit in Washington, D.C.! This must-attend event takes place on Thursday, February 27, 2025, from 12:00 PM to 7:30 PM EST. Hear from experts who can help you find the right provide you with strategies, tools and insights to conquer compliance. We’ll cover all the most prominent standards including CMMC, SOC2 and HIPAA . Enjoy a catered lunch and connect with industry experts and peers over drinks during our networking reception. Don’t miss out on this incredible opportunity! REGISTER NOW>>
April 28 – May 1 Kaseya Connect Global REGISTER NOW>>
June 17 – 19 Kaseya DattoCon Europe REGISTER NOW>>
October 6 – 8 Kaseya DattoCon REGISTER NOW>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Read our case studies and see how MSPs and businesses have benefitted from using our solutions. READ NOW>