
The Week in Breach News: 08/09/23 – 08/15/23

August 16, 2023

This week: MOVEit continues to snowball, a cyberattack causes a huge MLS outage, ransomware hits a copper mine, how Ransomware Rollback gets companies back on their feet fast and three managed SOC must-haves.





The Colorado Department of Health Care Policy & Financing (HCPF)

https://www.bleepingcomputer.com/news/security/colorado-warns-4-million-of-data-stolen-in-ibm-moveit-breach/

Exploit: Supply Chain Attack

The Colorado Department of Health Care Policy & Financing (HCPF): Government Agency


Risk to Business: 1.876 = Severe

The Colorado Department of Health Care Policy & Financing (HCPF), a state government agency that manages the Health First Colorado (Medicaid) and Child Health Plan Plus programs, is alerting more than four million individuals of a data breach that impacted their personal and health information. HCPF said that the data exposure occurred through their contractor IBM thanks to the MOVEit vulnerability. Bad actors likely exfiltrated files that contained certain Health First Colorado and CHP+ members’ information, including full names, Social Security numbers, Medicaid ID numbers, Medicare ID numbers, dates of birth, home address, contact information, income information, demographic data, clinical data (diagnosis, lab results, treatment, medication) and health insurance information.

How It Could Affect Your Customers’ Business: Companies face unexpected danger every day from zero-day exploits and need to be prepared for trouble.

Kaseya to the Rescue: Learn more about how our Security Suite can help MSPs protect their clients from expensive and damaging cyberattacks and other information security trouble. GET THE FACT SHEET>>


Freeport-McMoRan Inc.

https://www.mining-technology.com/news/freeport-mcmoran-cybersecurity-incident/

Exploit: Supply Chain Attack

Freeport-McMoRan Inc: Copper Mine Operator


Risk to Business: 2.721 = Moderate

Freeport-McMoRan Inc., the world’s top publicly traded copper miner, has experienced a ransomware attack that has taken down the company’s information systems. The attack hit last Tuesday, causing the initial shutdown of IT systems. The Phoenix-based company is not expecting a significant impact on production unless the outage is sustained. The mining firm said it is investigating the incident with third-party experts and law enforcement. 

How It Could Affect Your Customers’ Business: Supply chain cyberattacks are escalating, and the risk they bring to businesses needs to be top-of-mind for IT professionals.

Kaseya to the Rescue:  Credential compromise isn’t the only risk that businesses face from the dark web. Learn about five dark web dangers for businesses in this infographic. GET INFOGRAPHIC>> 


Rapattoni

https://arstechnica.com/security/2023/08/5-days-on-cyberattack-on-data-provider-stymies-realty-markets-throughout-the-us/

Exploit: Hacking

Rapattoni: Real Estate Technology Provider


Risk to Business: 1.673 = Severe

Home buyers and real estate professionals have experienced frustrations in the past week after a cyberattack nailed Rapattoni, a software and services provider that is best known for providing access to the nationwide Multiple Listing Services (MLS) to regional real estate groups. The California-based company said in a statement that its production network was hit by a cyberattack and it is working to get systems restored as soon as possible. MLS systems have been down since last Wednesday for many real estate agencies. The incident is under investigation.

How It Could Affect Your Customers’ Business: A successful cyberattack on a service provider can have a big impact on many other businesses.

Kaseya to the Rescue: Explore how security awareness training helps organizations defend against today’s most dangerous cyber threats in this infographic. DOWNLOAD IT>> 


The Indiana Family and Social Services Administration 

https://www.journalgazette.net/local/data-breach-compromises-some-medicaid-users-information/article_8bc03ede-37e2-11ee-976d-1387af99b21b.html

Exploit: Supply Chain Attack

The Indiana Family and Social Services Administration: Government Agency


Risk to Business: 1.649 = Severe

The Indiana Family and Social Services Administration has announced that it has experienced a data breach, exposing data belonging to more than 700,000 Indiana Medicaid members. The breach came as a result of the MOVEit-related attack at government services company Maximus. The names, addresses, case numbers and Medicaid numbers of 744,000 people were snatched by bad actors in the incident.  

How It Could Affect Your Customers’ Business: Supply chain attacks are escalating, and just one attack on a supplier can be a big problem that brings big bills for any organization.

Kaseya to the Rescue:  Every company needs to be ready for trouble with an incident response plan in place to minimize downtime and speed up recovery. This checklist can help. DOWNLOAD CHECKLIST>>





Alberta Dental Service Corporation

https://www.mountainviewtoday.ca/alberta-news/cyberattack-on-government-service-provider-exposes-records-of-14-million-albertans-7396965

Exploit: Hacking

Alberta Dental Service Corporation: Government Services Provider


Risk to Business: 1.737 = Severe

More than 1.4 million people in Alberta had their data exposed as the result of a cyberattack on government health service provider Alberta Dental Service Corporation. The dental services corporation administers low-income health benefit programs such as Assured Income for the Severely Handicapped and the Dental Assistance for Seniors Program. The company admitted that a bad actor gained access to part of its information technology infrastructure. The hackers were able to obtain the personal information of people enrolled in provincial government health benefit programs including patient names, addresses and banking information. Corporate information of some healthcare providers appears to be affected. An investigation is ongoing.

How it Could Affect Your Customers’ Business: Governments of every size and government agencies have been high on cybercriminal hit lists.

Kaseya to the Rescue:  Our eBook How to Build a Security Awareness Training Program helps IT professionals design and implement an effective training program quickly. DOWNLOAD IT>> 





United Kingdom – The Electoral Commission

https://www.cbc.ca/news/canada/british-columbia/cyberattack-bc-health-employer-websites-personal-information-1.6924496

Exploit: Hacking

The Electoral Commission: Government Agency 


Risk to Business: 1.682 = Severe

The UK’s Electoral Commission has disclosed a data breach after the names and addresses of 40 million registered voters were left exposed and accessible as far back as 2021. The attack was discovered last October and reported to the Information Commissioner’s Office (ICO), as well as the National Crime Agency, but the public wasn’t informed. Bad actors gained access to the names and addresses of all voters registered between 2014 and 2022. The attackers were also able to access full copies of the electoral registers that were held by the commission for research purposes and to enable permissibility checks on political donations.  

How it Could Affect Your Customers’ Business: Voting and election data is highly sensitive, and organizations that handle it must implement strong security.

Kaseya to the Rescue: See how the solutions in Kaseya’s Security Suite help IT professionals minimize risk, avoid cyberattacks and build a cyber-savvy workforce. WATCH THE WEBINAR>>


United Kingdom – Cumbria Police

https://www.theguardian.com/uk-news/2023/aug/11/cumbria-police-admits-huge-breach-of-data-of-officers-and-staff

Exploit: Human Error

Cumbria Police: Law Enforcement Agency


Risk to Business: 1.413 = Moderate

Cumbria Police have admitted that they’ve experienced a data breach caused by human error. Police officials said that they became aware of a data breach on March 6, 2023. In this incident, information about the pay and allowances of every police officer and data about police staff roles was mistakenly uploaded to the department’s website and left unsecured. The leak affected 1,304 police officers, 756 staff members and 52 police community support officers. 

How it Could Affect Your Customers’ Business: Security awareness training is the best way to prevent incidents like this caused by human error.

Kaseya to the Rescue: Strengthen your training program to prevent data disasters with our 10 Tips for Successful Employee Security Awareness Training Checklist. DOWNLOAD IT>>


Northern Ireland – Police Service of Northern Ireland (PSNI)

https://securityaffairs.com/149359/data-breach/psni-data-leak.html

Exploit: Human Error

Police Service of Northern Ireland (PSNI): Law Enforcement Agency


Risk to Business: 1.302 = Extreme

The Police Service of Northern Ireland (PSNI) has admitted that it accidentally shared sensitive data about all 10,000 serving police officers. The data was mistakenly provided in response to a Freedom of Information (FOI) request. The exposed data includes the surname, the first initial, the rank or grade, the location and the department of all 10,000 serving police officers. The data was leaked in a spreadsheet that was published online this week. It remained accessible for more than two hours before being taken down. 

How it Could Affect Your Customers’ Business: The exposure of this data about police officers could be dangerous in such a volatile environment.

Kaseya to the Rescue: Follow the path to see how Managed SOC defends businesses from cyberattacks efficiently and effectively without breaking the bank in a handy infographic. GET IT>>



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident.





3 Fresh Courses in BullPhish ID 


Check out these three training courses that are now available in BullPhish ID:
  • The Dangers of Password Sharing: Learn why password sharing is a bad idea and a fast path to a data breach or cyberattack for your organization.
  • The Basics of Multifactor Authentication: Find out what multifactor authentication is and what the benefits of implementing it are.
  • Introduction to Phishing (updated version): Examine the components of phishing, its various attack types and what steps to take if you suspect you have received a phishing email.

Learn more in the BullPhish ID Release Notes.

Available in English, Spanish, French, Portuguese, German and Dutch!





How Datto EDR with Ransomware Rollback Helps You Recover Fast from a Ransomware Attack 



See how a ransomware attack could hit your organization and follow the path to restoring a company’s data and getting that company back on its feet fast with the Ransomware Rollback feature in Datto EDR. DOWNLOAD THE INFOGRAPHIC>>

Did you miss… A Comprehensive Guide to Email-based Cyberattacks DOWNLOAD IT>>





3 Managed SOC Must-Haves 


In a fast-paced threat landscape, companies face a constantly changing level of risk for a data breach or other damaging cybersecurity incident. And if the worst does happen, too many companies don’t discover their data breach themselves. According to IBM’s Cost of a Data Breach Report 2023, only one in three businesses that experienced a data breach identified that data breach using the company’s own security teams or tools. An estimated 67% of data breaches are instead discovered by a benign third party or by the attackers themselves. That means that many companies need better threat detection and would benefit from investing in a managed SOC. When shopping for a managed SOC, don’t overlook these three must-haves. 


Excerpted in part from our eBook How to Pick the Right Managed SOC Solution DOWNLOAD IT>>




Easy Integration of the SOC is Key for Operations and Cost Effectiveness 


Cost is always a top concern when considering making security moves. You want to be sure that you’ve got everything covered, but you don’t want to pay for extraneous bells and whistles. Opting for a managed SOC should save you money over establishing your own. To make it even more cost-effective, choose a managed SOC that smoothly integrates with leading types of endpoint, networking and cloud solutions including: 

  • AV/AM Monitoring with Bitdefender, Cylance, Deep Instinct, SentinelOne, Sophos, Webroot, Windows Defender   
  • Firewall Analyzer & Monitoring with Barracuda, Cisco Meraki, Fortinet, Juniper, pfSense, SonicWall, Ubiquiti, Untangle, WatchGuard    
  • Email and DNS Monitoring with Graphus, Barracuda, DNSFilter, IRONSCALES, Microsoft 365, Google Workspace 
  • PSA ticketing support platforms, a must-have integration to effectively and efficiently streamline security and operations activities.  



Make sure you won’t encounter nasty surprises as you grow 


A SOC that’s good enough right now isn’t the right solution. Your business is dynamic and ever-changing. You need a managed SOC service that grows as you grow with simplified pricing that makes sense throughout your relationship. Pricing that’s volume-based or by the terabyte leads to bills that balloon quickly.  An ideal solution is priced by the number of endpoints you’re maintaining, so as your endpoint infrastructure grows, you can manage costs along the way. 




Look for world-class support 


Don’t settle for weak support or a lack of innovation when you choose your managed SOC. You should be able to discuss your security needs with your managed SOC provider and feel comfortable asking questions. Your provider should also make an effort to keep you up to date on new integrations and what’s going to happen in upcoming development cycles.  

It’s also critical to choose a managed SOC provider that has a reputation for innovation. Cybersecurity is a fast-moving world, with new threats and risk factors popping up every day. Your SOC needs to be able to keep up with those changing demands today and be ready to face the threats of tomorrow so you can feel confident that you’ve got security handled.  




Transform Your Security with Managed SOC  


Stop advanced threats with Managed SOC, a world-class managed detection and response solution from Kaseya. Our innovative Managed SOC is an affordable and effective way to power up your security. When you choose to partner with us, you gain access to an elite team of cybersecurity veterans that will help you hunt for threats and triage them. Plus, they’ll be standing by 24/7/365 to dive in immediately and work with your team when actionable threats are discovered.  




Kaseya’s Security Suite Offers IT Professionals the Tools for Security Success


Get powerful protection and must-have tools for keeping businesses out of cybersecurity trouble with Kaseya’s Security Suite.

Dark Web ID — Our award-winning dark web monitoring solution is the channel leader for a good reason: it provides the greatest amount of protection around with 24/7/365 human and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses. 

BullPhish ID — This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents cyberattacks and reduces an organization’s chance of experiencing a cybersecurity disaster by up to 70%. 

Graphus — Automated email security is a cutting-edge solution that puts three layers of AI-powered protection between employees and phishing messages. It works equally well as a standalone email security solution or supercharges your Microsoft 365 and Google Workspace email security.  

Kaseya Managed SOC powered by RocketCyber — Our managed cybersecurity detection and response solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.  

Datto EDR — Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require). 





August 17: Kaseya + Datto Symposium Long Branch REGISTER NOW>>

August 17: Kaseya + Datto Connect Singapore REGISTER NOW>>

August 22: Kaseya + Datto Connect Local Kansas City REGISTER NOW>>

August 29: Kaseya + Datto Connect Local San Diego REGISTER NOW>>

August 29: Kaseya + Datto Connect Local Denmark REGISTER NOW>>

August 31: Kaseya + Datto Connect Local Sweden REGISTER NOW>>

September 7: Kaseya + Datto Connect Local Netherlands REGISTER NOW>>

September 14: Kaseya + Datto Connect Local San Antonio REGISTER NOW>>

September 21: Kaseya + Datto Connect Local Nashville “Building the Business” Series REGISTER NOW>>

September 26: Kaseya + Datto Connect Local Sugarland Sales & Marketing Series REGISTER NOW>>

September 28: Kaseya + Datto Connect Local Charlotte REGISTER NOW>>

October 2 – 4: Kaseya DattoCon in Miami REGISTER NOW>>




Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!



Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!

LEARN MORE>>


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>


Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!

SCHEDULE IT NOW>>