The Week in Breach News: 1/22/25 – 1/28/25
This week: A malicious insider makes trouble at the British Museum; Turks and Caicos struggles to recover from a ransomware attack; hacking puts Avery in a sticky situation and seven phishing threats IT professionals must be alert for.
Read this week’s new featured blog: 7 Phishing Attacks That Could Hook Your Users
Conduent
Exploit: Hacking
Industry: Technology
Conduent, a New Jersey-based government contractor specializing in business services and technology platforms, has reported operational disruptions following a cybersecurity incident. The company provides critical support to social service agencies and transit systems across the United States. The Department of Children and Families in Wisconsin noted that the incident was affecting its payment processing. A week prior, Oklahoma Human Services reported a technical outage affecting a customer service line. The full scope of the incident remains unclear, and investigations are ongoing.
How It Could Affect Your Customers’ Business: It pays for companies to make sure that a potential service provider is serious about security.
Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>
Mortgage Investors Group (MIG)
https://therecord.media/tennessee-mortgage-lender-confirms-cyberattack
Exploit: Ransomware
Industry: Finance
Tennessee-based Mortgage Investors Group (MIG), one of the Southeast’s largest mortgage lenders, has disclosed a cybersecurity breach that exposed sensitive customer information. The incident began on December 11 and was discovered the following day, according to a notice posted on MIG’s website. The attack allowed unauthorized access to MIG’s network, leading to the exposure of personal data, including full names and financial information of affected individuals. While MIG has not confirmed whether ransomware was involved, the Black Basta ransomware gang has claimed responsibility for the breach.
How It Could Affect Your Customers’ Business: The banking and financial services sector was the top target for ransomware gangs last year.
Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from often email-based cyberattacks like ransomware in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>
Hewlett Packard Enterprise
https://hackread.com/hackers-claim-hewlett-packard-data-breach-sale/
Exploit: Hacking
Industry: Technology (Software)
Hewlett Packard Enterprise (HPE) has allegedly experienced a data breach. Notorious dark web maven IntelBroker shared a data tree and two screenshots purportedly taken from the company’s internal infrastructure. Some of the data appears to reference a development or system environment involving both open-source software and proprietary package management systems. IntelBroker also claims to have extracted sensitive data, including source code, private GitHub repositories, Docker builds, certificates (both private and public keys), product source code belonging to Zerto and iLO, user data such as old PII related to deliveries, access to APIs, WePay, self-hosted GitHub repositories and more.
How It Could Affect Your Customers’ Business: Business data like specifications, blueprints, trade secrets and other proprietary information needs robust protection.
Kaseya to the Rescue: Take a deep dive into the players that shape dark web commerce today in our eBook State of the Dark Web. DOWNLOAD IT>>
Avery Products Corporation
Exploit: Hacking
Industry: Manufacturing
Office products giant Avery announced it has identified a data breach affecting its IT network, potentially compromising customer payment information used on its website, avery.com. The breach, discovered on December 9, 2024, involved malicious software inserted by an unauthorized actor to “scrape” credit card details from transactions conducted between July 18, 2024, and December 9, 2024.Sensitive information potentially exposed includes customers’ names, billing and shipping addresses, email addresses, phone numbers, payment card details (including CVV numbers and expiration dates) and purchase amounts. Avery has engaged third-party cybersecurity experts to investigate and mitigate the incident.
How It Could Affect Your Customers’ Business: Organizations must ensure that they maintain high cybersecurity standards and regularly audit their practices.
Kaseya to the Rescue: Maximize your security on a lean budget with the insights you’ll find in our infographic 5 Ways to Squeeze More From a Tight Security Budget. DOWNLOAD IT>>
Turks and Caicos – Government of Turks and Caicos
https://therecord.media/turks-and-caicos-recovering-from-ransomware-attack
Exploit: Ransomware
Industry: Government
The Turks and Caicos government is recovering from a ransomware attack that disrupted key services, including welfare payments, tax collection and the Department of Motor Vehicles, since December 19. To contain the threat, digital applications were shut down on December 24, forcing many departments to operate manually. Some systems, like driver’s license printing, resumed by December 30, while forensic investigations continue with assistance from UK experts.
How it Could Affect Your Customers’ Business: One successful cyberattack against a government or government agency can result in frustrations for the people living in that region.
Kaseya to the Rescue: Watch this webinar to explore Kaseya 365 User, our latest innovation to empower small and midsize businesses to maximize security while boosting productivity. LEARN MORE>>
Feeling overwhelmed by your task list? Discover four strategies for reducing your workload! GET INFOGRAPHIC>>
Italy – Divimast
https://www.technadu.com/akira-ransomware-extorts-italian-company-divimast/569695
Exploit: Ransomware
Industry: Government
Italian management solutions company Divimast is facing extortion after a ransomware attack by the Akira cybercriminal group. Akira announced the breach on January 17, claiming to have stolen nearly 8GB of sensitive data from Divimast. According to Akira’s leak site, the stolen data includes private corporate documents such as confidential agreements, internal financial records and human resources information. Additionally, the attackers allege possession of employee contact details, email addresses and passport information, as well as customer data. The group has threatened to publicly release the stolen data on the dark web if their ransom demands are not met. Divimast has yet to comment on the incident, and investigations are ongoing.
How it Could Affect Your Customers’ Business: Organizations must also have contingency plans in place for system recovery after a cyberattack to help reduce operational disruptions and customer frustration.
Kaseya to the Rescue: Learn about five ways that businesses may be in danger of trouble from the dark web in an infographic that’s also perfect for sharing on social media! DOWNLOAD IT>>
UK – The British Museum
https://www.yahoo.com/news/british-museum-exhibitions-closed-alleged-115738315.html
Exploit: Malicious Insider
Industry: Education
The British Museum was forced to close several galleries and temporary exhibitions after a former employee allegedly disrupted its IT system. The incident occurred when a contractor who had been fired entered the museum and gained access to its IT network before being apprehended. London’s Metropolitan Police confirmed the arrest of a man in his fifties. The museum has not disclosed the extent of the IT breach but stated it is working to resolve the disruption. Investigations are ongoing.
How it Could Affect Your Customers’ Business: A malicious insider can strike in an instant with no warning and do major damage quickly.
Kaseya to the Rescue: No company is safe from malicious insider risk. Learn about how to identify malicious insiders and mitigate your risk of trouble in our eBook. GET YOUR FREE EBOOK>>
Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>
Read this week’s feature story: 7 Phishing Attacks That Could Hook Your Users
Phishing attacks are becoming increasingly sophisticated, and a single mistake by an employee can lead to severe consequences. Here are seven dangerous phishing tactics IT professionals must be alert for, including AI-enabled threats, and how to fight back against today’s phishing traps. READ MORE>>
Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>
Get to know Kaseya 365 User
Many cybersecurity challenges stem from poor user practices or insufficient training, making it increasingly difficult for IT teams to manage their organization’s security effectively. Kaseya 365 User is specifically designed to combat those challenges head-on. It is based on three core pillars – prevention, response and recovery – and offers a streamlined, all-in-one approach to user and data security.
- Prevent – Protect against user errors and vulnerabilities before they impact operations.
- Respond – Detect and respond to security threats quickly and effectively.
- Recover – Ensure quick, reliable data recovery to maintain productivity.
Download the feature sheet for MSPs or internal business IT teams.
Learn more about growing supply chain risk for businesses and how to mitigate it in a fresh eBook. DOWNLOAD IT>>
Get your Guide to Phishing Protection for Businesses
Most of today’s most dangerous and damaging cyberattacks like ransomware, business email compromise and brand impersonation have one thing in common: They’re all typically kicked off by a phishing email. In our Guide to Phishing Protection for Businesses, you’ll learn about:
- The hallmarks of today’s sophisticated phishing attacks.
- How bad actors are using tools like AI to create dangerously compelling phishing messages (and how you can use AI to defend against them).
- Strategies and tools to use to mitigate phishing risk.
Download your eBook today. DOWNLOAD IT>>
Did you miss…our infographic 4 Smart Moves to Reduce Your IT Cybersecurity Workload? DOWNLOAD IT>>
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
The Ultimate User Security Playbook: Prevent, Respond and Recover with Confidence Webinar
Join Chris McKie, Kaseya’s VP of Product Marketing for Security Solutions, on February 11 at 2 PM ET/11 AM PT for The Ultimate User Security Playbook: Prevent, Respond and Recover with Confidence. In this must-attend webinar you’ll learn how to:
- Prevent attacks with AI-driven anti-phishing solutions and security awareness training.
- Respond rapidly to mitigate the impact of cyber incidents.
- Recover effectively to maintain business continuity and data integrity.
Discover how to integrate proactive defenses, automated threat response and resilient recovery tools into a unified user security strategy. REGISTER NOW>>
April 28 – May 1: Kaseya Connect Global REGISTER NOW>>
June 17 – 19: Kaseya DattoCon Europe REGISTER NOW>>
October 6 – 8: Kaseya DattoCon REGISTER NOW>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Read our case studies and see how MSPs and businesses have benefitted from using our solutions. READ NOW>