The Week in Breach News: 06/15/22 – 06/21/22
Healthcare and education have a bad week, political hacking intrigue in Germany and five things you need to know about malware and related threats right now.
See cybercrime trends & the results of thousands of phishing simulations in The Global Year in Breach 2022. DOWNLOAD IT>>
Exploit: Credential Compromise
Kaiser Permanente: Healthcare Provider
Risk to Business: 2.176 = Severe
A data breach at healthcare and insurance giant Kaiser Permanente has exposed the personal information and health data of patients in the state of Washington. The company says that an unauthorized party gained access to its systems through a compromised employee email account in April 2022. The U.S. Department of Health and Human Services Office for Civil Rights reports that 69,589 records were potentially exposed as a result of the email security slip-up at Kaiser’s Washington unit.
Individual Risk: 2.278 = Severe
Exposed data includes a patient’s first and last name, medical record number, dates of service, and laboratory test result information of the health plan provider.
How It Could Affect Your Customers’ Business: This will be an expensive employee mistake (and training failure) once regulators get finished with penalties for this incident.
ID Agent to the Rescue: Security awareness training can help companies prevent costly mistakes like this. Learn how to make it happen in How to Build a Security Awareness Training Program. GET IT>>
Comstar: Medical Billing Service
Risk to Business: 1.742 = Severe
U.S. ambulance billing service Comstar has disclosed that it has exposed sensitive information belonging to medical patients. The company stated that it notices suspicious activity in March 2022, and an investigation determined that certain systems on Comstar’s network were subject to unauthorized access, but investigators were ultimately unable to confirm what specific information on those systems was accessed.
Individual Risk: 1.861 = Severe
Exposed information may include patient names, dates of birth, information regarding medical assessment and medication administration, health insurance information, drivers’ licenses, financial account information, and Social Security numbers.
How It Could Affect Your Customers’ Business Any breach that involves healthcare data is going to cost the company a pretty penny in cleanup and fines.
ID Agent to the Rescue: See the biggest risks that businesses face today and get a look at what cyber threats your clients will be facing tomorrow in The Global Year in Breach 2022. DOWNLOAD IT>>
Exploit: Credential Stuffing
Robert Half: Staffing Company
Risk to Business: 2.601 = Moderate
Robert Half has determined that more than 1000 job seekers and employees placed by the firm had their accounts accessed by an unauthorized source between April 26 and May 16, 2022, exposing potentially sensitive information that may have been stolen. The company says that there is no evidence that the information was actually accessed or downloaded, and current users are required to update their passwords.
Individual Risk: 2.612 = Moderate
The release disclosed that the targeted accounts stored information such as name, address, and social security number, as well as wage and tax information. The company noted that bank account numbers for direct deposits are stored in these accounts, but only the last four digits are visible.
How It Could Affect Your Customers’ Business: Teaching employees to make good, strong passwords and handle them safely with security awareness training prevents problems like this.
ID Agent to the Rescue: The checklist Are Your Users Trained to Handle These Risks? helps program administrators make sure their programs cover all of the bases! GET INFOGRAPHIC>>
Eyecare Leaders: Medical Records Service
Risk to Business: 1.872 = Severe
An estimated two million eyecare patients may have had their personal and health data exposed by medical billing service Eyecare Leaders. 1.3 million of those patients sought treatment at Texas Tech University Health Sciences Center. The company, provider of the myCare Integrity electronic medical record platform has disclosed that it suffered a data security incident in December 2021 that resulted in “the deletion of databases and systems configuration data”. Over 20 other eyecare practices have also had patient data exposed in this incident.
Individual Risk: 1.721 = Severe
The customer data that was compromised may include names, Social Security numbers, tax ID numbers, driver’s license numbers, passport numbers, financial account/payment card account numbers, and medical or health insurance information.
How it Could Affect Your Customers’ Business: Service providers can be a source of data breach risk and an incident like this will be very expensive for every organization involved.
ID Agent to the Rescue: Help your clients make sure they’ve taken the right precautions to mitigate risks like this with the tips in the eBook Breaking Up with Third Party and Supply Chain Risk. GET IT>>
Learn how to spot and stop malicious insiders and educate users with this handy infographic! GET IT>>
Exploit: Employee Error
Memorial University: Institution of Higher Learning
Risk to Business: 2.077 = Severe
Students at Memorial University have been informed that their data has been exposed after an employee error. The blunder involved a university employee sending the wrong data to several students. About 1,000 students received emails that contained other students’ personal information, according to a statement from Memorial.
Individual Risk: 2.021 = Severe
Leaked details included names, email addresses, student numbers and programs of study. No financial or medical data was included.
How it Could Affect Your Customers’ Business Employee errors can lead to big headaches and big bills to clean up the messes left behind.
ID Agent to the Rescue Get tips and helpful data to start conversations about ways to mitigate insider risk with your clients in our Guide to Reducing Insider Risk. DOWNLOAD IT>>
Regina Public Schools
Regina Public Schools: Local Education Authority
Risk to Business: 2.206= Severe
Regina Public Schools are experiencing technical difficulties in the wake of a late-May cyberattack. The ransomware group BlackCat has claimed responsibility. The group claims to have encrypted 500 gigabytes of files belonging to RPS. BlackCat has also said that the group now possesses employee data from a wide range of sources like tax reports, health information, passports and social insurance numbers, but the school system disputes those assertions. Many schools are still experiencing internet outages, leaving teachers unable to access learning tools, grading systems and other educational assets. Services are slowly being restored.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business Schools, universities and colleges have been prime targets for cybercrime since the start of the global pandemic and need to take extra precautions.
ID Agent to the Rescue Help your clients be ready for cybercrime trouble and keep their data safe with The Computer Security To-Do List. DOWNLOAD IT>>
Learn to unleash the power of checklists and other downloads in your marketing efforts! WATCH WEBINAR>>
Germany – The Green Party
Green Party: Political Group
Risk to Business: 2.206 = Severe
The German Green party has disclosed that its IT system was hit by a cyberattack last month. The party is part of Germany’s ruling coalition. Ultimately, 11 email accounts were impacted including email accounts belonging to Foreign Minister Annalena Baerbock and Economy Minister Robert Habeck. The hacked accounts were compromised in such a way that some emails were forwarded to addresses outside the party, possibly in Russia according to Der Spiegel. Both politicians have publicly taken anti-Russia stances.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business An unprecedented wave of hacking has emerged in the wake of Russia’s invasion of Ukraine with far-reaching ripples.
ID Agent to the Rescue Get tips for keeping your clients out of nation-state trouble in the infographic Are You Doing These 5 Things to Protect Your Clients from Nation-State Cybercrime? GET IT>>
Take a deep dive into ransomware and learn to protect your clients affordably with this resource bundle! GET IT>>
South Africa – Shoprite Holdings Ltd.
Shoprite Holdings Ltd.: Supermarket Chain
Risk to Business: 1.613 = Severe
Africa’s largest supermarket chain has been hit by a ransomware attack. The company warned customers in Eswatini, Namibia and Zambia, that their personal information might have been compromised due to a cyberattack. The RansomHouse group has claimed responsibility for the attack, posting an evidence sample of 600GB of data it claims it stole from the retailer to its dark web site. The attackers were quick to ridicule Shoprite’s cybersecurity practices as part of its leak announcement.
Individual Impact: No specific information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business Ransomware is always a business disaster that costs a company time, money and reputation with a long, painful recovery.
ID Agent to the Rescue Get an in-depth look at how ransomware is evolving, who profits from it and how to fight back in our hit eBook Ransomware Exposed. GET THIS EBOOK>>
See why security awareness training is a security and revenue superstar that you & your clients need to invest in now. GET EBOOK>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident
Go Inside the Ink to see how today’s biggest threats can impact your MSP and your customers in our blog.
- Employees & Email Are a Data Security Disaster Waiting to Happen
- 10 Spoofing Facts You Need to See
- What Phishing Tricks Do Employees Fall for?
- Business Email Compromise is the Threat You Should Be Worrying About
- The Week in Breach News: 06/08/22 – 06/14/22
Set businesses on the zero trust path with the 6 Tips for Implementing Zero Trust Security infographic! GET IT>>
Grow Your Security Awareness Training Business!
Give these to your clients & prospects:
The Security Awareness Training Buyer’s Guide for Businesses
- What features to shop for in a solution
- Which training styles are the most effective
- How to determine which solution is right for them
Are Your Users Trained to Handle These Risks? This checklist lays out the most common cyber threats that employees should be trained to avoid. GET CHECKLIST>>
Watch this webinar:
From the Crown on Down: Why CXO Buy-In is Critical for Security Awareness Training Programs
Watch the on-demand recording to learn:
- What are business email compromise attacks and their impact on businesses
- Why training C-suite executives are crucial for the success of your security program
- Tactics for creating an effective security awareness plan at the executive level
Did You Miss? Our How to Build a Security Awareness Training Program eBook. DOWNLOAD IT>>
See how cyber insurance is changing and how to protect your clients from trouble. WATCH NOW>>
5 Things You Need to Know about the State of Malware Threats
Gain Insight into the Malware Fears of IT Leaders
Malware is a central concern for any IT professional tasked with keeping systems and data secure. This constantly evolving threat can appear anywhere and gain entry to a company’s environment in a myriad of ways. It’s also challenging to detect and root out, requiring a complex incident response. Unfortunately, a malware-related incident leaves a swathe of destruction in its wake, often doing massive damage to both a company’s technology systems and its budget. Malware is assuredly a top concern for any MSP and their clients. These findings from the recent State of Malware Threats Report from Dark Reading highlight 5 major malware-related concerns that IT professionals contend with daily, offering MSPs a snapshot of how these worries may impact security decision-making.
Read case studies of MSPs and businesses that have conquered challenges using Kaseya solutions. SEE CASE STUDIES>>
The Biggest Concerns & Most Frequently Detected Threats
There aren’t a whole lot of surprises on the list of malware-related concerns that survey respondents reported. Just over 60% of the IT security professionals surveyed cited ransomware as the cyberattack that they worried about the most, with 54% saying they’re most concerned about phishing attacks. The researchers noted that these concerns ranked significantly higher than they did in last year’s survey. In 2021, 41% of survey respondents said they were most concerned about ransomware and 31% ranked phishing attacks as their top concern. Other big concerns that respondents had included attacks that exploit vulnerabilities in operating systems and applications, coming in at 29% this year, 18% higher than in 2021. The number of respondents worried about attacks on IoT networks also doubled this year, a concern for about one-quarter of respondents.
The 5 Most Frequently Detected Threats of 2021
|% of respondents who encountered this threat|
|Phishing attacks to distribute malware||47%|
|Credential stealing malware||30%|
|Ransomware or Trojans and rootkits (tie)||22%|
|Malware targeting cloud systems or services||15%|
This MSP-focused guide gives you insight into finding the ideal dark web monitoring solution. GET THE GUIDE>>
Cloud & Remote Workforce Security Problems Persist
The sticky issues around remote work that IT professionals have been grappling with for the last few years haven’t abated. A majority of respondents (59%), said that their organizations experienced a large number of attacks that targeted remote workforce support including remote systems, home workers and tools for supporting remote work. Over 30% of the survey respondents categorized the number of attacks their organizations experienced as average, while another quarter said they experienced few attacks on remote workforce assets. However, it was easy to see that organizations that had strengthened their security around remote workforce risks and put the right controls in place experienced fewer attacks. Just over 30% of respondents said that their companies did not experience any attacks on their remote systems or assets. Researchers disclosed that many of the organizations that escaped attack had implemented mitigations against remote work risk like stronger access control measures, better endpoint security defenses, rolling out VPNs and multifactor authentication (MFA) and improved security awareness training.
Another major area of stress for IT professionals is in the cloud. Over 85% of IT and security decision-makers told researchers that they are very concerned about attacks on cloud service providers, including how those attacks could impact their organization’s security. Just over one-quarter of IT security professionals cited attacks on cloud systems and services as their biggest worry in. IT professionals were also concerned about concern about malware and other compromises triggered by suppliers or other trading partners. That worry has grown from 14% in 2021 to 22% in 2022. Overall concern about malware attacks on cloud systems rose slightly to 24%, up from 21% last year.
Get tips from experts in our webinar MSP Cybersecurity Roundtable: How to Improve Your Incident Response Plan WATCH NOW>>
Ransomware Fears Are High But Encounters Are Low
Ransomware is a perennial bugbear for IT teams, and that was reflected in the results of this survey, although there were a few surprises in that area. The vast majority of respondents, 82%, were more concerned about ransomware as a risk to their organization than they were in 2021. However, that’s not necessarily justified. Most organizations actually detected or encountered less ransomware in 2021 than they have in prior years. Just under one-quarter (22%) of the survey respondents said that their organization frequently encounters ransomware attacks. However, common malware is a major risk that IT teams encounter more regularly than ransomware. Half of the IT professionals surveyed said that they regularly encounter common malware and 47% see malware distribution-related phishing.
Altogether, 49% of organizations experienced a year-over-year increase in malware volumes. Additionally, almost half of respondents reported observing a slight to a significant increase in overall malware volumes over the previous 12 months, up from 39% in last year’s survey, with 36% saying that the malware volume they’ve encountered has remained the same year-over-year. Looking forward, 61% of respondents said that they expect that ransomware will remain their biggest threat for the next two years. Malware detection is growing very tricky. 65% of respondents describe the malware they have observed in the last 12 months as being harder to detect than a year ago and 58% categorized the malware that they’ve encountered as significantly more effective at breaching their defenses.
Watch this webinar to learn how to make Dark Web ID your prospecting secret weapon! WATCH NOW>>
Unexpected Worries Occupy IT Leaders
A smattering of other worries preyed on the minds of the survey respondents. AI-enabled cyberattacks popping up over the next year was a concern for 86% of the IT professionals surveyed. Almost 80% of the respondents were very concerned about threat actors using deepfakes in attacks. However, concern about malware that uses artificial intelligence stayed low, rising slightly to 8% in this year’s survey. One bright spot: just 44% of respondents said that they see risk assessment and exploit analysis as their biggest malware-related challenge, down from almost 50% last year. A further 18% of security and IT leaders said that they’re wary of malware attacks that leverage artificial intelligence (AI) in the near future, and 18% described that type of attack as their biggest cybersecurity concern over the next two years.
5 Most Concerning Cyberattacks
(by percent of total respondents)
|Exploits of OS/apps||29%||11%|
|Cloud systems & services||27%||21%|
|IoT systems & devices||24%||12%|
Just getting started in cybersecurity? This resource bundle will help you get up to speed to protect your clients fast! GET IT>>
Bolster Your Client’s Security Against Threats Like Malware with 2 Smart Solutions
Dark Web ID enables you to get a clear picture of your clients’ credential compromise threats from dark web sources.
- 24/7/365 always-on monitoring alerts businesses to credentials appearing on the dark web that may have been stolen or phished to mitigate the risk of bad actors using a stolen password to gain access to your systems and data.
- Automated alerts and reporting mean that your team doesn’t need to spend time staring at a dashboard or pulling reports.
- Dark web credential search enables you to demonstrate real-time risk by showing which credentials are compromised to prospects in minutes.
BullPhish ID improves security awareness, boosts compliance and increases phishing resistance.
- At least 4 training videos are added to our vast library every month including compliance with regulations like HIPAA, GDPR and CMMC or security topics including malware, nation-state threats, password safety and more giving every employee a solid grounding in cybersecurity pitfalls and best practices.
- Choose from our regularly updated selection of plug-and-play phishing simulation training modules or customize the content to reflect the unique industry risks those employees face daily.
- Simple reports on program success, security improvements, employee achievements and more can be automatically distributed to stakeholders.
Contact our solutions experts today to learn how your business can benefit from strong, affordable security and receive a personalized demonstration.
Join the over 4,000 MSPs who are prospering as an ID Agent Partner and you’ll gain access to the best sales enablement program in the business through Kaseya Powered Services.
Gain expert insight in the MSP Cybersecurity Roundtable: How Infrastructure Attacks Can Hurt Every Business. WATCH NOW>>
Jun 28: BullPhish ID: The Leader in Security Awareness Training Webinar REGISTER NOW>>
Learn the secret to conjuring up amazing stress-free marketing campaigns in 5 Ways to Make Marketing Magic! GET IT>>
Be Prepared for Malware Threats
Malware is one of the biggest risks that businesses face today. An infection can be disastrous, bringing nasty outcomes like data loss, system encryption, system damage, lost productivity, regulatory trouble and other expensive, business-damaging nightmares to your doorstep.
You need to make mounting a strong defense against malware a major priority. While ransomware is the malware you see most in the news, other types of malware can also hurt your business. But there are steps that you can take to mitigate your risk.
Security awareness training is a good start. The majority of malware that your business encounters will be the poisonous cargo of a phishing message. Teaching employees to spot and stop phishing threats and avoid social engineering traps will go a long way toward preventing a malware incident.
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
ID Agent Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!
Is your password compromised? Find out in seconds!
USE OUR PASSWORD COMPROMISE CHECKER>>
Book your demo of Dark Web ID, BullPhish ID and Passly now!