Please fill in the form below to subscribe to our blog

The Week in Breach News: 04/24/24 – 04/30/24

May 01, 2024

This week: This week, we’re reporting from Kaseya Connect Global 2024 in sunny Las Vegas. We’re so proud to introduce you to Kaseya 365, our newest game-changing innovation. Plus, nation-state threat actors hit water infrastructure in Texas, human error causes a storm for the U.S. Coast Guard and happy hour is over in Sweden as a cyberattack impacts liquor distribution.

Tipton Wastewater Treatment Plant

Exploit: Hacking (Nation-State) 

Tipton Wastewater Treatment Plant: Utility

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.741 = Extreme

A Russia-linked threat actor has claimed it’s behind a cyberattack on an Indiana wastewater treatment plant. The Cyber Army of Russia posted video on its Telegram channel supporting their claim. Officials at the plant confirmed the attack, saying that although the hackers were successful, the plant’s IT infrastructure took minimal damage in the incident. The group is suspected of being behind other water and wastewater facilities including a recent hack in Texas in January.

How It Could Affect Your Customers’ Business: Concern has been ratcheting up about the pace of nation-state threat actors attacking infrastructure targets.

Kaseya to the Rescue: Learn about the growing list of cybersecurity challenges that organizations face in the Kaseya Security Survey Report 2023. DOWNLOAD IT>>

District of Columbia Department of Insurance, Securities and Banking (DISB)

Exploit: Hacking (Supply Chain)

District of Columbia Department of Insurance, Securities and Banking (DISB): Government Agency

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.856 = Extreme

The LockBit cybercrime group says that it gained access to the network of the District of Columbia Department of Insurance, Securities and Banking (DISB) and snatched sensitive data. The gang claims to have stolen 800 GB of sensitive financial data including files pertaining to the U.S. Securities and Exchange Commission (SEC), Delaware banking institutions and other financial entities as well as DISB operations. The data was likely obtained from DISB’s STAR system client in late March 2024 which was maintained by Tyler Technologies. The incident is under investigation.

How It Could Affect Your Customers’ Business: As business cybersecurity tightens, cybercriminals are increasingly targeting service providers on the hunt for backdoors into the companies they serve.

Kaseya to the Rescue:  Learn how to protect businesses from dark web danger and mitigate cyberattack risk with the insight we share in The IT Professional’s Guide to Dark Web Defense. DOWNLOAD IT>>

EDR represented by a rendering of connected devices

Learn how Datto EDR satisfies cyber insurance requirements for endpoint protection & EDR. DOWNLOAD REPORT>>

The Coast Guard Reserve

Exploit: Human Error

The Coast Guard Reserve: Military

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.721 = Severe

The Coast Guard Reserve has alerted thousands of personnel that their personal data may have been exposed in a cyberattack. Officials said that on January 24, 2024, a person sent a tranche of Coast Guard members’ personal data to people who were not authorized to view it. 10,700 Coast Guard Reserve members were impacted. 7,554 individuals had their home addresses exposed. The names and employee identification numbers of another 3,146 personnel were also included.

How It Could Affect Your Customers’ Business: Even the best-laid security plans can be ruined by untrained or careless employees making mistakes.

Kaseya to the Rescue: There are a bewildering array of acronyms used for cybersecurity technologies. This infographic breaks down six of them. DOWNLOAD IT>>

Coffee County, Georgia

Exploit: Ransomware

Coffee County, Georgia: Regional Government

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.803 = Severe

A ransomware attack has resulted in the government of Coffee County, Georgia, temporarily severing its connection to the state’s voter registration system. This is a particularly concerning development as the U.S. presidential election grows closer. The early April attack left some county workers using cellular networks for internet access. County officials said they saw no evidence of exfiltration of data/files. The incident is still under investigation.   

How It Could Affect Your Customers’ Business: Government agencies and departments at every level have been prime targets for bad actors in the last 12 months.

Kaseya to the Rescue:  An endpoint detection and response solution can help businesses stop the spread of a cyberattack fast. This checklist helps you find the right one. DOWNLOAD IT>> 

Follow the path to see how Managed SOC heroically defends businesses from cyberattacks. GET INFOGRAPHIC>>

London Drugs

Exploit: Ransomware

London Drugs: Drugstore Chain

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.712 = Severe

British Columbia-based London Drugs disclosed that it has experienced a cybersecurity incident that resulted in the temporary closure of all 79 of its retail stores across Canada. The company has not released a timeline for the reopening of those stores. London Drugs was quick to assure customers that at this time does not believe any consumer or employee data was stolen. The incident remains under investigation.  

How it Could Affect Your Customers’ Business: This type of closure is an existential threat to any retail chain, especially as it drags on, costing more money and angering more customers.

Kaseya to the Rescue:  See exactly how a hacker would penetrate your network quickly and affordably with network penetration testing. This guide helps you choose the right solution. GET GUIDE>>

Explore how AI technology helps businesses mount a strong defense against phishing GET INFOGRAPHIC>>

United Kingdom – Carpetright

Exploit: Malware

Carpetright: Retailer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.376 = Severe

UK carpet retailer Carpetright fell victim to a cyberattack last week that disrupted operations including customer order processing. Carpetright said that its network was taken offline fast to ensure that the malware was isolated before the bad actors were able to access or steal any data. Employees were left unable to access their payroll information, customer service phone lines were knocked out and customers experienced order fulfillment delays.

How it Could Affect Your Customers’ Business: Every second counts in a cyberattack, so finding ways to speed up incident response is critical.

Kaseya to the Rescue: See how Datto EDR’s Ransomware Rollback helps companies reset their systems to where they were before the attack to get right back to work, minimizing downtime. LEARN MORE>> 

UK – City of Leicester (England)

Exploit: Hacking

City of Leicester (England): Municipal Government

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 1.866 = Moderate

A March 7, 2024, cyberattack on the city of Leicester has left the city’s streetlights on 24/7. In the wake of the attack, many city offices were left without phone and computer systems. Those systems have since been restored, but the issue of the perpetually on streetlights has not yet been solved. City officials said that the problem was caused by the shutdown of IT systems in the wake of the cyberattack. That shutdown left city workers unable to access the inner workings of the city’s lighting system, which is set to keep the lights on all the time in default mode. Bad actors were also able to snatch an indeterminate amount of data. The INC ransomware group has claimed responsibility for the attack.  

How it Could Affect Your Customers’ Business: A cyberattack can cause a city to lose access to portions of its critical infrastructure and that is a danger to the public.

Kaseya to the Rescue: Our infographic walks you through exactly how security awareness training prevents the biggest cyber threats that businesses face today. DOWNLOAD IT>>

Sweden – Skanlog

Exploit: Ransomware

Skanlog: Logistics Company

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.602 = Moderate

Happy Hour is over in Sweden as liquor store shelves empty in the wake of a cyberattack that crippled logistics company Skanlog. The company is a key distributor for Systembolaget, Sweden’s government-owned chain of retail shops for beverages stronger than 3.5% alcohol by volume. A Skanlog executive said that North Korean hackers are behind the attack. Officials warned that certain beers, wines and spirits could be sold out within a few days with no clear timeline for when the supply will begin flowing again.  

How it Could Affect Your Customers’ Business: The pace of supply chain attacks is continuing to increase as technology makes businesses become constantly more interconnected.

Kaseya to the Rescue: This infographic includes 10 handy tips to help you get the most out of your security awareness training solution and run an effective program. GET INFOGRAPHIC>>

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident

dark web threats represented by a hacker in a hoodie shrouded in shadows with faint binary code

Find out about five of today’s biggest dark web threats to businesses in this infographic. DOWNLOAD IT>>

 Watch Our Security Suite Q2 Product Update Webinar on-Demand

We’ve added a wealth of new features and innovations to Datto EDR, RocketCyber Managed SOC, Graphus, BullPhish ID and Dark Web ID in Q2 2024, and we’re excited to tell you all about it! In our Q2 Security Suite Product Update Webinar, we reveal the latest updates and enhancements to Datto EDR, RocketCyber Managed SOC, Graphus, BullPhish ID and Dark Web ID. Plus, learn all about our brand-new antivirus, Datto AV –and so much more! WATCH NOW>>

How much is data really worth on the dark web? Find out in The IT Professionals Guide to the Dark Web! GET EBOOK>>

Explore the benefits and barriers of having a SOC

A security operations center is an invaluable resource, but establishing one is an expensive proposition and a daunting task. Learn about the benefits and barriers of choosing to partner with a managed SOC instead of building one yourself. DOWNLOAD IT>>

Did you miss… The Comprehensive Guide to Third-party and Supply Chain RiskDOWNLOAD IT>>

Follow the path to see how Managed SOC heroically defends businesses from cyberattacks. GET INFOGRAPHIC>>

Welcome to a transformative era in information technology (IT) and cybersecurity with the introduction of Kaseya 365 at the Kaseya Connect Global 2024 conference. Kaseya’s CEO, Fred Voccola, unveiled this comprehensive solution designed to streamline the management of all client endpoints under a unified subscription for Managed Service Providers (MSPs). After ten years of development, Kaseya 365 emerges as a complete package enabling MSPs to efficiently manage endpoints while boosting profit margins significantly. 


Datto EDR’s Ransomware Rollback rolls data and systems back to their pre-attack state in minutes SEE HOW IT WORKS>>

At its core, Kaseya 365 is built on four fundamental pillars that promise both immediate benefits and sustained success for MSPs: 

Management: The multifunctional IT professional is busier than ever these days. They don’t have time for fussy integrations and solutions that don’t play well together. Kaseya 365 consolidates management capabilities into a single, intuitive interface, enabling complete control over all devices and networks. 

Security: Kaseya 365 addresses the compromises MSPs frequently make in securing endpoints due to cost constraints or customer perceptions. With its integrated robust security features, MSPs can now offer top-tier security solutions affordably and profitably. 

Backup: In today’s volatile cyber environment, reliable data backup is indispensable. Kaseya 365 simplifies the process for MSPs, ensuring their clients’ data is protected against cyber threats and disasters without extra costs. 

Automation: Addressing the acute IT skills gap and resource limitations, Kaseya 365 integrates 20 essential automations that reduce mundane tasks and errors, enhancing service delivery. Additional modules from IT Complete can be integrated for further capabilities. 

What should you be looking for in an EDR solution? This checklist helps you make a smart choice! GET IT>>

Transitioning to Kaseya 365 is straightforward. Existing Kaseya + Datto customers can upgrade seamlessly, maintaining all prior functionalities while gaining new features to enhance their operational efficiency. Kaseya 365 is available in two tiers: 

  • Kaseya 365 Express: Covers all fundamental aspects of endpoint management including remote monitoring, advanced software management, antivirus, ransomware detection and endpoint backup. 
  • Kaseya 365 Pro: Includes everything in the Express tier plus advanced endpoint detection and response (EDR). 

Business Growth and Efficiency with Kaseya 365: Kaseya 365 not only simplifies MSP operations by consolidating services into one package but also enhances efficiency through its Integration Universe, allowing further automation and streamlined workflows. This reduces overhead and empowers technicians to focus on strategic goals. 

Cost Efficiency and Revenue Opportunities: Kaseya 365 is cost-effective, undercutting fragmented solutions while offering superior integration. MSPs can offer free trials or even free services, enhancing customer loyalty and acquisition. The platform also allows customization to cater to unique customer needs effectively, multiplying MSPs’ profit margins. 

Kaseya 365 is a pioneering solution in the IT landscape, promising to redefine how MSPs operate, optimize costs and expand their businesses. This platform stands as a monumental shift, ensuring customer satisfaction and setting a new standard in managed IT services. 

See why EDR is the perfect investment to make in your future right now in our buyer’s guide. DOWNLOAD IT>>

Deciphering Cybersecurity: Clearing Up Common Misconceptions

May 7, 2024 | 1 PM ET / 10 AM PT

How well do you know your cybersecurity terminology? It’s an industry that speaks its own language, filled with acronyms. Join us for an informative webinar that demystifies the complex world of EDR, MDR, XDR, SOAR, SOC and SIEM and discover how these technologies interlock to shield your organization from today’s cyber threat. REGISTER NOW>>

It’s Time to Play Cybersecurity Jeopardy!

May 16, 2024 | 1 PM ET / 10 AM PT

Spring is in the air, and it’s time to challenge your cybersecurity knowledge in another exciting installment of Cybersecurity Jeopardy! Hosted by Miles Walker, Channel Development Manager, you’ll see top industry experts battling it out for the title of Cybersecurity Jeopardy Champion. And the excitement doesn’t stop there — you get to participate too! Test your skills by answering questions live and stand a chance to win fantastic prizes. REGISTER NOW>>

May 7 – Deciphering Cybersecurity: Clearing Up Common Misconceptions REGISTER NOW>>

May 16 – Kaseya+Datto Connect Local Melbourne REGISTER NOW>>

May 16 – Kaseya+Datto Connect Local New York (Security and Compliance Series) REGISTER NOW>>

May 30 – Kaseya+Datto Connect Local Sydney REGISTER NOW>>

June 11 -13: Kaseya DattoCon Europe (Dublin) REGISTER NOW>>

June 18:  Kaseya+Datto Connect Local Toronto (Security and Compliance Series) REGISTER NOW>>

October 28 – 30: Kaseya DattoCon (Miami) REGISTER NOW>>

dark web threats

Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>

Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!

let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>

Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!