
The Week in Breach News: 04/27/22 – 05/03/22

May 04, 2022

May the 4th be with you as you fight the good fight against cybercrime! This week, we’ll look at two attacks by the new ransomware group Black Basta, more trouble for power companies and how to build a great security and compliance awareness training program.  


Go inside nation-state cybercrime to get the facts and learn to keep organizations safe from trouble! GET EBOOK>>



American Dental Association 

https://www.bleepingcomputer.com/news/security/american-dental-association-hit-by-new-black-basta-ransomware/

Exploit: Ransomware

American Dental Association: Professional Organization


Risk to Business: 1.802 = Severe

The American Dental Association (ADA) was hit by a ransomware attack, allegedly conducted by new ransomware group Black Basta. The attack disrupted various online services, telephones, email, and webchat. Outage at the ADA website has caused some online services to be inaccessible, including the ADA Store, the ADA Catalog, MyADA, Meeting Registration, Dues pages, ADA CE Online, the ADA Credentialing Service and the ADA Practice Transitions.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: The healthcare sector has been under siege from cybercriminals and the pressure isn’t letting up anytime soon.

ID Agent to the Rescue: Learn to mitigate your clients’ ransomware risk and protect them from trouble with the resources in our Deep Dive Into Ransomware bundle! GET BUNDLE>>


The Coca-Cola Company

https://www.dailymail.co.uk/news/article-10755629/Coca-Cola-investigating-reports-data-breach-claim-Stormous-ransomware-group-stole-data.html

Exploit: Ransomware

The Coca-Cola Company: Beverage Manufacturer & Distributor


Risk to Business: 2.804 = Moderate

The new ransomware group Stormous claims they’ve pulled off a ransomware attack against The Coca-Cola Company, claiming that it snatched 161 gigabytes of data. The hacking group has been linked with Russian nationalist cybercrime following its public statement vowing to take action against companies that pulled out of Russia in the wake of Russia’s invasion of Ukraine. Financial data, passwords and commercial account records are said to be among the stolen data. Coca-Cola says that it is investigating the matter.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Ransomware can have a negative impact on a business even if it doesn’t shut down operations.

ID Agent to the Rescue: See the mechanics of ransomware, plus get tips and expert advice to guide you through securing your clients effectively in Ransomware 101. READ IT>>


ARcare

https://portswigger.net/daily-swig/data-breach-at-us-healthcare-provider-arcare-impacts-345-000-individuals 

Exploit: Hacking

ARcare: Medical Clinics


Risk to Business: 1.711 = Severe

ARcare, a medical services company that operates clinics for underserved communities in Arkansas, Kentucky and Mississippi, disclosed a data breach impacting an estimated 345,000 patients in a filing with the U.S. Department of Health and Human Services (HHS). After a disruptive incident on February 24, 2022, an investigation turned up the unwelcome news that a malicious hacker had access to ARcare’s network over a five-week period between January 18 and February 24.


Risk to Business: 1.814 = Severe

Potentially exposed patient data includes names, Social Security numbers, drivers’ license or state identification numbers, dates of birth, financial account information, medical treatment information, prescription information, medical diagnosis or condition information and health insurance information.  

How It Could Affect Your Customers’ Business: This is going to be a very expensive problem once regulators get finished with it.

ID Agent to the Rescue: Find and slay dastardly vulnerabilities in your clients’ security strategy and emerge victorious with the Cybersecurity Monster Hunter’s Checklist! GET IT>> 


Get your clients on the zero trust path with the 6 Tips for Implementing Zero Trust Security infographic! GET IT>>



Costa Rica – Junta Administrativa del Servicio Eléctrico de Cartago (JASEC)

https://therecord.media/conti-ransomware-cripples-systems-of-electricity-manager-in-costa-rican-town/

Exploit: Ransomware

Junta Administrativa del Servicio Eléctrico de Cartago (JASEC): Power Company


Risk to Business: 1.626 = Severe

Conti ransomware is to blame for continued trouble in Costa Rica’s public sector. After crippling several federal departments last week, the group has now snarled operations at Junta Administrativa del Servicio Eléctrico de Cartago (JASEC), electricity manager for the city of Cartago, population 160,000. Officials said that the attack has encrypted the servers used to manage the organization’s website, e-mail, administrative collection systems and more, rendering customers unable to pay their electricity and internet bills.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Infrastructure targets have had increasing trouble in the past 12 months, with the FBI reporting ransomware attacks in 14 of 16 infrastructure sectors.

ID Agent to the Rescue:  Get an in-depth look at how ransomware is evolving and who profits from it in our hit eBook Ransomware Exposed. GET THIS EBOOK>> 


Trinidad and Tobago – Massy Stores

https://guardian.co.tt/news/massy-stores-cyber-attack-responsible-fortechnical-difficulties-6.2.1486007.5cbe53a1ba

Exploit: Hacking

Massy Stores: Supermarket Chain


Risk to Business: 1.311 = Extreme

The biggest supermarket chain in Trinidad, Massy Stores, was forced to temporarily suspend operations over the weekend after a cyberattack took out key systems, including cash registers. Surepay and Moneygram services were also impacted. The company says that no customer or employee data was stolen. Some stores have resumed operations, and the incident is under investigation.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Retailers have been getting hammered by cyberattacks, coming in 3rd on the list of industries most hit by ransomware attacks.

ID Agent to the Rescue: Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>


Learn to unleash the power of checklists and other downloads in your marketing efforts! WATCH WEBINAR>>



UK – The General Council of the Bar (GCB)

https://www.lawgazette.co.uk/news/bar-left-reeling-from-malicious-cyber-attack/5112298.article 

Exploit: Hacking

The General Council of the Bar (GCB): Regulatory Body


Risk to Business: 1.909 = Severe

The General Council of the Bar (GCB) notified users of its website that it has been the victim of a cyberattack. GCB comprises the representative Bar Council and the regulator, the Bar Standards Board. The attack has rendered several systems temporarily inaccessible, including MyBar. The body’s statement notes that Authorisation to Practise and Court ID cards have both been extended due to this technical difficulty. The incident has been reported to the ICO, the National Cyber Security Centre and the Police.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: In a challenging economy, no government can afford this kind of incident or the associated bills.

ID Agent to the Rescue: Security awareness training reduces the chance of an incident by 70%. Learn to build a program with the How to Build a Security Awareness Training Program eBook. GET IT>>


Germany – Deutsche Windtechnik

https://therecord.media/german-wind-farm-operator-confirms-cybersecurity-incident-after-ransomware-group/ 

Exploit: Ransomware

Deutsche Windtechnik: Power Company 


Risk to Business: 2.096 = Severe

German wind farm operator Deutsche Windtechnik has disclosed that it was the victim of a ransomware attack. The Black Basta group is thought to be behind the attack after the company’s data appeared on its leak site. The attack took place April 11-12, 2022. Deutsche Windtechnik noted that after shutting off systems for safety, it was able to reactivate the remote data monitoring connections to its wind turbines within a day or two. The incident was reported to the German Federal Office for Information Security (BSI).

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: This is the latest in a long string of strikes against energy sector targets in Germany.

ID Agent to the Rescue: Choose the right dark web monitoring solution to protect your clients from credential compromise surprises with The Dark Web Monitoring Buyer’s Guide for MSPs. DOWNLOAD IT>>


Russia – Petersburg Social Commercial Bank

https://securityaffairs.co/wordpress/130726/cyber-warfare-2/anonymous-hack-russian-companies.html

Exploit: Nation-State Hacking (Hacktivism)


Petersburg Social Commercial Bank: Financial Institution 


Risk to Business: 1.976 = Severe

Anonymous has not let up on hacking aimed at Russian targets. This week, the group published accounts of several more successful operations by its affiliates, including an operation against Petersburg Social Commercial Bank, a major Russian bank. The group claimed via DDoSecrets to have snatched 542 GB of data containing 229,000 emails and 630,000 files from the bank. Anonymous also announced successful forays against Elektrocentromontazh and ALET.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Nation-state cybercrime can quickly impact businesses outside the government or military sphere as the risk continues to ripple outward.

ID Agent to the Rescue: Nation-state cybercrime risk is escalating for businesses in every sector. Learn the basics of nation-state cybercrime and how to protect your clients. GET EBOOK>>


Use this checklist to be sure that you’ve found and mitigated every cyberattack risk that your client faces! DOWNLOAD IT>>



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident.



Go Inside the Ink to see how today’s biggest threats can impact your MSP and your customers in our blog.



Just getting started in cybersecurity? This resource bundle will help you get up to speed to protect your clients fast! GET IT>>



Fresh Resources


Expand Your Knowledge in Key Areas!

6 Tips for Implementing Zero Trust Security – Are you working on moving your clients to a zero-trust architecture? These 6 tips can help you make sure you’ve got the bases covered. DOWNLOAD INFOGRAPHIC>>

BullPhish ID & Graphus Product Update – Get the scoop on innovations and new features coming soon to BullPhish ID and Graphus. WATCH WEBINAR>>

MSP Cybersecurity Roundtable: Nation-State Hacking – Don’t miss this expert discussion of today’s nation-state cybercrime risks and how to protect your clients! WATCH WEBINAR>>

Did you miss… The checklist Are You Doing These 5 Things to Protect Your Clients from Nation-State Cybercrime? GET CHECKLIST>>


The right dark web monitoring could be the difference between security success or failure. This checklist helps you find it GET IT>>



5 Tips for Building Effective Security & Compliance Awareness Training Programs  


Give Your Clients Exactly the Training They Need for Maximum Satisfaction


Security and compliance awareness training is critical for companies that want to maximize their chance to avoid cybersecurity trouble or expensive compliance failures. It’s also a great way for MSPs to round out their menu of security services and stay in touch with the challenges that their clients may be facing when it comes to security and compliance. However, running effective security awareness training programs can be more challenging than it may seem at first. These tips can help MSPs run efficient and effective security and compliance awareness training programs that result in higher client satisfaction and stronger protection against cybersecurity trouble.  


Get the guide that helps you choose the ideal dark web monitoring solution for your clients & your MSP. GET THE GUIDE>>


Advance Planning is Crucial 


Planning the scope, depth and substance of a program is just as important as executing the training. Only through taking the time to prepare the right program for your clients will you be able to ensure that you’re really meeting their security and compliance training needs effectively. It is critical to plan the entire program and get your clients’ buy-in before you start delivering any training. Making sure that everyone is on the same page up front will eliminate many headaches later.  

The industry-standard guidelines set forth in NIST Special Publication 800-50 “Building an Information Technology Security Awareness and Training Program” are a great place to start establishing your foundation. To ensure that your training program will cover all of the bases for your client, your security and compliance training program should follow the general framework that is recommended.  

The Four Phases of Program Development 

  1. Awareness and Training Program Design 
  2. Awareness and Training Material Development 
  3. Program Implementation 
  4. Post-Implementation 



No Two Programs Are Exactly the Same 


Since no two businesses operate in the exact same way, no two security and compliance awareness training programs will operate in the exact same way either. Every client’s business will have unique needs when it comes to training and compliance. For a truly successful program, you and your client need to be on the same page about their organization’s training needs and how you can fulfill them. Spending time laying out those expectations and how training will be structured is key to ensuring that there aren’t any areas in which your training program doesn’t meet your client’s expectations.

NIST advises that a successful IT security program consists of:     

  1. Developing IT security policy that reflects business needs tempered by known risks     
  2. Informing users of their IT security responsibilities, as documented in agency security policy and procedures and     
  3. Establishing processes for monitoring and reviewing the program.  

Use this checklist to be sure you’ve got your clients protected against nation-state cybercrime. GET CHECKLIST>>


Conduct Your Own Risk & Needs Assessment 


The last piece of the puzzle is conducting your own rigorous risk and needs assessment. Your client will certainly tell you what they think their organization needs in terms of training based on their own experience and getting that data about the day-to-day operations and risk that your client’s business faces is an important step in determining their training needs. However, don’t rely on that information to inform the entirety of your program design. Why? Because unless your client is a cybersecurity and compliance expert, it is unlikely that they’ll have a good grasp on their organization’s true training needs.

Start out by noting the relevant risks, the possible security and compliance problems that you’re intending to solve and the behaviors that you’d like to encourage like “better password habits,” “awareness of brand impersonation phishing” or “HIPAA compliant data handling”.   

Then gather data that should be factored into your training plan like: 

  • A list of recent security incidents, their origin and their consequences 
  • Recent compliance failures, including causes and penalties 
  • The unique needs for training of employees or executives based on job type, duties and risks 
  • The feedback and metrics from any current or past training programs  
  • Any existing assessments from regulators, oversight bodies, internal surveys or client feedback 

Get a step-by-step guide to building an effective security and compliance awareness training program. GET GUIDE>>


Establish the Parameters for Successful Training 


Before you deliver a single lesson, maximize your client’s satisfaction with the training process and the result by establishing the criteria that will be used to measure the program’s success. Gather all of the results of your risk and needs assessment research into a simple working document that codifies the scope and particulars of the program. Go over it with your client to ensure that there aren’t any unexpected hiccups.

You should include these elements: 

  • The basic requirements of any local, national or industry compliance standards that are the impetus for your client’s training program. 
  • The scope of the program including the roles and responsibilities of everyone involved with the program.  
  • Your client’s exact, defined goals like “understanding PCI-DSS compliance” or “detection of phishing emails.” 
  • Any essential factors that must be accounted for like compliance examinations, organizational impact, critical project dependencies, availability of training resources, geographic or time constraints, etc.  
  • The composition of your training groups and the courses or training types that are mandatory and optional for each group. 

Don’t forget to include: 

  • The topics that the program will address. 
  • The cadence of training 
  • How you will deploy the training 
  • How to document feedback and learning accomplishments 
  • How training materials and procedures will be evaluated  
  • When the program’s success will be evaluated 
  • Available funding and resources 
  • The KPIs and metrics that define success 


Spark profitable security awareness training conversations with clients and prospects by giving them this list of risks. DOWNLOAD IT>>


Don’t Skip the Follow-up & Review Step 


Conducting a regular review of the effectiveness and performance of the program is beneficial for everyone involved. It gives you and your clients a chance to ensure that the program fits the evolving needs of your client’s business. This is the perfect time to make adjustments like tweaking the training cadence, adding training for new compliance requirements or shifting focus to new risks to ensure that your program is perfectly customized for each of your clients. The review phase also gives you the opportunity to show off a bit, demonstrating the value of training to your clients with hard data by delivering a success report.

Keep these tips in mind: 

  • Employees and managers may have different opinions. Seek feedback from as many users at every level as you can. 
  • Encourage everyone to be honest and make sure that users know that their feedback will not be used against them. 
  • Take a hard look at your client’s budget and resources to see if there’s anywhere that you can make adjustments that will pay off. 
  • Make sure that the metrics you’re using to define success align with your KPIs and are exactly what you and your client agreed upon. 

The Guide to Reducing Insider Risk can help IT pros stop security incidents before they start! GET IT>>


Deliver Exactly the Training Your Clients Need with BullPhish ID 


Help your clients reduce their risk of cyberattacks and compliance failures with the channel-leading solutions Dark Web ID and BullPhish ID.  

Security and Compliance Awareness Training   

BullPhish ID is the ideal security and compliance awareness training solution for companies of any size.  

  • A huge library of security and compliance training videos in 8 languages – and 4 new video lessons are added a month!    
  • Plug-and-play or customizable phishing training campaign kits with new kits released regularly   
  • Easy, automated training delivery through individual user portals   

Dark Web Monitoring   

Dark Web ID offers businesses best-in-class protection from dark web credential compromise risk  

  • 24/7/365 monitoring using real-time, analyst validated data    
  • Fast alerts to compromises of business and personal credentials, including domains, IP addresses and email addresses  
  • Find compromised credentials in minutes   

You’ll also benefit when you choose to offer ID Agent solutions by gaining access to the best sales enablement program in the business through Kaseya Powered Services. Join the over 4,000 MSPs who are prospering as an ID Agent partner! 


See how security awareness training grows your MRR + get tips for selling it! WATCH NOW>>



May 10: The Ultimate IT Growth Conference REGISTER NOW>>

May 10-11: MSP Sales Revolution REGISTER NOW>>

May 17: Cyber Attacks on Small Business: The Good News and the Bad News w/ Dark Cubed REGISTER NOW>>

May 19: The Security Event for the European Channel REGISTER NOW>>

May 24-25: ASCII MSP Success Summit – Boston REGISTER NOW>>

Jun 20-23: Connect IT Global in Las Vegas REGISTER NOW>>


It’s a bird, it’s a plane, it’s your revenue rising into the stratosphere with 6 Power-Ups That Will Make You a Sales Superhero. GET IT>>



Security and Compliance Training is Your Best Technology Investment


Security and compliance training isn’t just another expense for businesses. It’s actually an opportunity to save money in several unexpected ways that benefit your company’s security and your bottom line.

The price of compliance failure is high and growing every year. But companies that engage in regular security and compliance training save money on compliance. A corporate data security training program saves businesses an average of $2.54 million in costs. 

Increasing training decreases the number of security incidents that companies have because educated employees are less likely to make mistakes and more likely to know what to do if they suspect trouble. Companies that engage in regular security awareness training have 70% fewer security incidents.

Don’t wait to start enjoying these benefits – work with your MSP to create and implement your security and compliance awareness training program today.


Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

ID Agent Partners: Feel free to reuse this post (in part or in its entirety). When you get a chance, email pr@kaseya.com to let us know how our content works for you!



Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!

LEARN MORE>>


Is your password compromised? Find out in seconds!

USE OUR PASSWORD COMPROMISE CHECKER>>


Book your demo of Dark Web ID, BullPhish ID and Passly now!

SCHEDULE IT NOW>>