The Week in Breach News: 10/05/22 – 10/11/22
This week we’re diving into a cascade of cybercrime in Australia and New Zealand, taking a look at new integrations between IT Glue, Graphus and BullPhish ID and giving you four tips to help you choose the right security and compliance awareness training solution.
Go inside BEC scams & get tips to keep businesses safe from today’s most expensive cyberattack. DOWNLOAD EBOOK>>
CSI Laboratories
https://www.bankinfosecurity.com/cancer-testing-lab-reports-2nd-major-breach-within-6-months-a-20230
Exploit: Phishing
CSI Laboratories: Medical Testing Company
Risk to Business: 1.173 = Extreme
For the second time in just 6 months, CSI Laboratories has experienced a data breach, this time as a result of a phishing incident in July 2022. In that incident, hackers attempted to commit payment fraud and were able to acquire a large number of files containing patient information. CSI reported the phishing incident on Sept. 26 to the U.S. Department of Health and Human Services Office for Civil Rights as affecting 244,850 individuals. The company says that this breach was not related to another data breach that it suffered in March 2022 that affected the data of 312,000 individuals.
Individual Risk: 1.106 = Extreme
Patient information that may have been compromised in this breach includes documents that may have contained a patient’s name and patient number, and in some cases additional patient information, including date of birth and health insurance information.
How It Could Affect Your Customers’ Business: Two breaches within six months is a disaster and regulators won’t hesitate to slap down massive fines.
ID Agent to the Rescue: See the biggest risks that businesses in different sectors face today and get a look at what your clients will be facing tomorrow in The Global Year in Breach 2022. DOWNLOAD IT>>
City of Dunedin, FL
Exploit: Hacking
City of Dunedin, FL: Municipality
Risk to Business: 2.604 = Moderate
The city of Dunedin has announced that officials discovered a cybersecurity incident impacting its network on Tuesday. City systems and services including city email, online payments for permits, inspection scheduling, utility billing, Parks & Recreation programs and online payments for Marina fees were knocked out. The city was quick to assure residents that water and wastewater services were not impacted.
How It Could Affect Your Customers’ Business: Municipalities have been taking a lot of heat from cybercriminals looking for a quick buck because they often have outdated security.
ID Agent to the Rescue: Go over the Cybersecurity Risk Protection Checklist with your clients to make sure that they’re covering all of their security bases. GET CHECKLIST>>
CommonSpirit Health
Exploit: Ransomware
CommonSpirit Health: Healthcare System Operator
Risk to Business: 2.771 = Extreme
One of the largest healthcare systems in the US is experiencing outages impacting patient care after a suspected ransomware attack knocked some hospital systems offline. Subsidiaries of CommonSpirit have reported being affected by the attack including CHI Health facilities in Nebraska and Tennessee, Seattle-based Virginia Mason Franciscan Health providers, MercyOne Des Moines Medical Center, Houston-based St. Luke’s Health and Michigan-based Trinity Health System. The company disclosed that it has rescheduled some patient procedures because of an inability to access electronic medical records or lab results. Some hospitals are using paper charts. The company says it is working to restore systems and the incident is under investigation.
How It Could Affect Your Customers’ Business: Ransomware is an especially devastating prospect for a healthcare organization because it can impact patient care and even mortality rates.
ID Agent to the Rescue: Learn more about ransomware and reduce your clients’ risk of falling victim to an attack with the tips in our eBook Ransomware Exposed! GET EBOOK>>
Learn to identify and mitigate fast-growing supply chain risk with this eBook. DOWNLOAD IT>>
Australia – The Dialog Group
https://www.jdsupra.com/legalnews/major-berry-producer-reiter-affiliated-4783686/
Exploit: Hacking
The Dialog Group: IT Consulting Company
Risk to Business: 1.624 = Severe
Singapore Telecommunications Ltd (Singtel) has announced that its Australian division The Dialog Group has experienced a cyberattack that potentially exposed information about 1,000 current and former employees and an estimated 20 clients. Singtel, which acquired The Dialog Group earlier this year, also owns Optus, the scene of a massive breach just a few weeks ago. Company officials say that the two incidents are not connected, and the exact nature of the stolen data was not available at press time.
How it Could Affect Your Customers’ Business: Cybersecurity awareness training helps reduce a company’s chance of having an incident significantly.
ID Agent to the Rescue: Are you offering the right training solution to help your clients avoid trouble? Find out with the Security Awareness Training: Buyer’s Guide for MSPs DOWNLOAD IT>>
Australia – G4S
Exploit: Ransomware
G4S: Security Firm
Risk to Business: 2.363 = Severe
Employees of security firm G4S have been alerted that some of their personal and financial data may have been exposed in a ransomware incident after a cyberattack hit Fort Phillip prison in July 2022. The company apparently learned in mid-September that sensitive employee data had been snatched by bad actors in the incident. The firm announced that it is working with the Australian Cyber Security Centre (ACSC) and IDCARE as part of its response.
Individual Risk: 2.325 = Severe
Employees of security firm G4S have been alerted that some of their personal and financial data may have been exposed in a ransomware incident after a cyberattack hit Fort Phillip prison in July 2022. The company apparently learned in mid-September that sensitive employee data had been snatched by bad actors in the incident. The firm announced that it is working with the Australian Cyber Security Centre (ACSC) and IDCARE as part of its response.
How it Could Affect Your Customers’ Business: Financial data is especially desirable for bad actors, and failing to protect it can incur big fines in a place with data protection regulations.
ID Agent to the Rescue: Curious to see if you’re offering your clients the right dark web monitoring solution? Explore your options with The Dark Web Monitoring Buyer’s Guide for MSPs. DOWNLOAD IT>>
Australia – Costa Group
https://www.bankinfosecurity.com/australian-firm-costa-group-suffers-phishing-attack-a-20231
Exploit: Phishing
Costa Group: Agricultural Producer
Risk to Business: 2.731 = Moderate
Fruit and vegetable company Costa Group says that an employee falling victim to a phishing attack resulted in unauthorized access to its servers. The company experienced the incident in August 2022. After an investigation, they’ve confirmed that the data exposed was limited to its berry farming operation Costa Corindi. Costa Farms did not provide details of the number of people impacted. The company says it has notified relevant authorities about the attack, including the Australian Cyber Security Center and the Office of the Australian Information Commissioner.
Risk to Business: 2.655 = Moderate
The company said that exposed worker data may include workers’ passport details, bank details, superannuation details and tax file numbers.
How it Could Affect Your Customers’ Business: Agribusinesses and the food supply chain have been in the spotlight as risks escalate in critical infrastructure sectors.
ID Agent to the Rescue: A strong security culture reduces the risk of an incident. Help your clients build one with The Building a Strong Security Culture Checklist! DOWNLOAD IT>>
Australia – Telstra
Exploit: Hacking
Telstra: Telecommunications Company
Risk to Business: 2.816 = Moderate
Just a few weeks after the massive Optus breach, Australian telecom Telstra has disclosed that it has experienced a data breach. The breach was likely caused by a cyberattack on a third-party vendor, Pegasus Group Australia, that operated a platform used in its employee rewards program. Basic employee data for an estimated 30,000 people including more than 12,000 current employees has potentially been exposed. Telstra officials suspect that the miscreant behind this data is trying to profit from buzz about the Optus breach. That data consisted of employees’ first and last names and email addresses reaching back to 2017. The National Australia Bank (NAB) was also impacted in this third-party vendor hack but details of that incident were unavailable at press time.
How it Could Affect Your Customers’ Business: Third-party and supply chain risk has been the story of the year in 2022 and all businesses should be working to mitigate it.
ID Agent to the Rescue: Sell clients on the benefits of security and compliance training with the bottom-line data in The Business Case for Security Awareness Training. DOWNLOAD IT>>
New Zealand – Pinnacle Midlands Health Network
https://www.stuff.co.nz/national/300704224/cyber-attack-on-health-provider-pinnacle-a-wake-up-call
Exploit: Ransomware
Pinnacle Midlands Health Network: Healthcare System Operator
Risk to Business: 1.816 = Severe
A successful ransomware attack on Pinnacle Midlands Health Network by cybercrime group Black Cat has resulted in patient data being exposed online. The company disclosed that the attack impacted clinics in the Waikato, Lakes, Taranaki and Tairawhiti districts, including Primary Health Care Ltd (PHCL) practices from across Taranaki, Rotorua, Taupō-Tūrangi, Thames-Coromandel and Waikato. Pinnacle noted in its statement that it does not hold GP notes and consultation records. The number of affected patients has not been made public, but news reports are saying as many as 450,000 people’s information could have been exposed. Information potentially exposed in this breach includes high-level data related to the use of hospital services, claiming information related to services that Pinnacle provides and information sent to practices around immunization and screening status of individual patients. No further details were available at press time.
How it Could Affect Your Customers’ Business: Third-party and supply chain risk has been the story of the year in 2022 and all businesses should be working to mitigate it.
ID Agent to the Rescue: Give your clients the Cybersecurity Monster Hunter’s Checklist as a fun, Halloween-themed way to help them hunt down cybersecurity weaknesses. GET CHECKLIST>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident
See how today’s biggest threats may impact your MSP and your customers in our security blogs.
- Cybersecurity Awareness Month is the Perfect Time to Find Training Gaps
- 15 Types of Phishing Attacks and How to Protect Your Organization
- Cybersecurity Month is the Ideal Time to Talk to Employees About Safe Email Handling
- Why You Should Be Worried About This Devastating (& Growing) Cyber Threat
- The Week in Breach News: 09/28/22 – 10/04/22
It’s a bird, it’s a plane, it’s your revenue rising into the stratosphere with 6 Power-Ups That Will Make You a Sales Superhero. GET IT>>
Simplified Organization Management with IT Glue for BullPhish ID and Graphus is Here!
The BullPhish ID and Graphus teams are excited to announce new integrations of their respective products with IT Glue. These workflow integrations advance the Kaseya IT Complete vision by making our product modules work together to simplify the lives of our customers.
Leveraging the IT Glue API, this integration facilitates customer onboarding onto BullPhish ID or Graphus by importing SMB organizations’ names from IT Glue and creating organizations with the same names on the BPID/Graphus side, reducing the need for manual data entry by the MSP. The SMB organizations will remain linked, so any time an MSP makes changes to the org name on the IT Glue side, the changes will automatically sync to BullPhish ID or Graphus.
The new integrations greatly simplify the new SMB organization setup and ongoing customer org management within BullPhish ID and Graphus, making them great time savers for MSPs!
Setting up each module or keeping organization-related data up to date means MSPs must manually update customer data in every module they own, spending a lot of time on redundant tasks. Not anymore! IT Glue will serve as “the source of truth” and any name changes made to the IT Glue organizations will automatically be reflected on the BullPhish ID / Graphus side.
Note: customers must have subscriptions to both IT Glue and BullPhish ID / Graphus to enable the integrations.
- First, a customer logs in to their IT Glue account, generates an API key for BPID and/or Graphus and copies it.
- Next, they log in to their BullPhish ID or Graphus account, navigate to the Integrations section of the platform, paste the IT Glue API key and click Connect.
- When the integration is enabled, IT Glue and BullPhish ID/Graphus organizations with the same name will be automatically linked.
- In the event an organization was created with a different name in either of the products, you can still manually link them on the Integrations page.
- Graphus only: If a customer wants to create a new organization within Graphus, they’ll have the ability to retrieve organization names and domains from IT Glue on the Graphus Add Organization page. Creating an organization this way will automatically establish a link between the two organizations.
For details on enabling the BullPhish ID-IT Glue integration, refer to this guide.
Learn how a new integration between BullPhish ID & Graphus saves time & money. SEE THE DETAILS>>
Educate Your Clients for Security Success with These Resources
The Complete IAM Checklist – This checklist can help your clients learn what to look for in a quality IAM solution. GET CHECKLIST>>
6 Tips for Implementing Zero Trust Security – Get your clients on the zero-trust path to better security with these tips! GET INFOGRAPHIC>>
The Characteristics of a Successful Email Security Solution Checklist – Give this to your clients to start a conversation about strengthening their email security. GET CHECKLIST>>
Did you miss…? Our Guide to Reducing Insider Risk DOWNLOAD IT NOW>>
See five things that you can do to reduce nation-state cyber threat risk for your clients fast. GET CHECKLIST>>
4 Tips for Evaluating a Security and Compliance Training Solution
Find the solution that’s right for your clients & your MSP
Cybersecurity Awareness Month is an excellent time to talk to your clients about their security and compliance training programs. It may not be exciting, but security training is critical for reducing the number of security and compliance incidents a client has as well as mitigating their risk for cyberattacks. Companies that engage in regular security awareness training have 70% fewer security incidents. But setting up a security and compliance training program is a daunting task. MSPs need to be certain that they’ve chosen the right security and compliance awareness training solution to offer their clients in order to guide those clients into conducting training successfully. These tips can help you evaluate solutions to find the right one for your MSP and your clients
Excerpted in part from our eBook MSP Security Awareness Training Buyer’s Guide. DOWNLOAD IT>>
Finding the fix for your security & compliance training challenges is easy with our buyer’s guide! GET YOUR GUIDE>>
4 Tips for Evaluating a Security and Compliance Awareness Training Solution
These tips can offer you a guide that helps you find the solution that will help you guide your clients to training success.
1. Find a solution that offers flexibility in training campaign implementation
No two clients’ businesses are built the same. Every training program you help a client conduct will involve a unique set of training challenges and requirements. Flexibility in the setup and delivery of training campaigns is critical to enabling you to deliver the best possible training for every client. A truly flexible solution will offer you the ability to create custom employee training groups and assign different training paths to each group based on their needs and the threats they’re most likely to encounter. You’ll also want to be sure that the solution that you choose allows you to stagger phishing simulation emails to be sent at random times to prevent employees from alerting each other.
Does the solution that you’re considering offer you the ability to…
- Schedule training session invitations to be sent automatically weeks or months in advance?
- Clone, copy or modify previous campaigns to avoid creating new ones from scratch?
- Send automated training reminders to users until they complete their assigned training?
Give your clients this infographic to start a conversation about getting on the path to zero trust. GET INFOGRAPHIC>>
2. Make sure the solution is convenient for everyone
Training becomes a dreaded chore if the training solution that you choose throws up frequent roadblocks for administrators and makes training hard to access for employees. Make the training process a snap for your staff and your clients by choosing a solution that delivers training conveniently in an easily accessible format. A solution that offers the option to provide lessons through a personalized portal that employees can access anytime, anywhere will be convenient and attractive. That also makes it easy to assign training and keep track of the courses each participant has completed.
Keep these points in mind when making your choice:
- Consider productivity features to make training less burdensome for your team.
- Select a solution that auto-syncs with your client’s employee directory to make setting up training groups fast and eliminate manual updates when staff changes occur.
- Look for the ability to auto-generate and automate the delivery of reports to stakeholders.
- Make sure it’s easy for techs to add new clients.
Help your clients make sure they’ve got their identity & access management bases covered. GET CHECKLIST>>
3. Choose a solution that offers you flexible, detailed reporting features.
It’s impossible to demonstrate the value of training without the right tools to quantify its impact. Look for a solution that offers a robust array of tools to track, measure and report on the outcome of training and illustrate the benefits that clients enjoy. Summary reports at the end of every campaign are important for evaluating things like who didn’t take the training, who started but didn’t complete the training, who completed the training, who passed the testing quiz and who needs more help.
Testing is a critical part of any security and compliance training program, and a requirement in some compliance standards. Testing also helps prove the value of a program. A post-training online test feature that’s instantly scored is ideal. Employees who take quizzes after their training sessions retain 26% more knowledge than employees who do not take a test. Make sure the testing feature includes the ability to set parameters like the passing score for each lesson and the number of times an employee can attempt to pass the test before they fail the course.
You’ll also want to be able to demonstrate the value of phishing simulations to your clients with clear reports of simulation results including which simulated malicious messages were most effective, who didn’t take any action, who opened the email, who clicked on the link in the email and who submitted their credentials on the fake phishing landing page are a must-have.
These features make it easy to generate reports that demonstrate the value of training:
- A dashboard to track progress in real time
- Automated monthly and quarterly report generation
- Visually engaging, easy-to-understand reports to share with the stakeholders
- Automated report delivery to stakeholders, eliminating tedious manual work for your staff
See cybercrime trends & the results of thousands of phishing simulations in The Global Year in Breach 2022. DOWNLOAD IT>>
4. Make sure the solution is designed with an MSP in mind
Make sure you’re making a good choice for your business as well. Look for features that will help your staff provide high-quality training for every client. Ask these questions to see if a solution fits the bill.
- Does it have a multitenant structure with the ability to track each client’s status via a dashboard?
- Are there automation features that make it easy to manage multiple clients?
- Can you delegate access to the platform to your clients? (This is a must-have for clients that want to be hands-on in managing their training.)
- Is it possible to give customers different levels of access, like read-only access to see the training results or privileged access to create and manage campaigns for their organization?
- Look for robust support and innovation and complete onboarding to get you up and running with the platform
- Helpful how-to video tutorials inside the product to guide your staff or your clients’ program administrators to be power users and make the most out of the platform
- Detailed guides, FAQs and articles to help you along the way, like a whitelisting guide to ensure the delivery of phishing simulation emails
Go inside nation-state cybercrime to get the facts and learn to keep organizations safe from trouble! GET EBOOK>>
Rely on Solutions That Are Built with MSPs in Mind
Our solutions don’t just help keep your customers out of trouble. They’re also loaded with features that are purpose-built to make MSPs’ lives easier and more profitable. Plus, Kaseya Powered Services Pro gives you the tools that you need to take your MSP to the next level.
Security awareness and compliance training plus phishing simulation
BullPhish ID is the ideal security and compliance awareness training solution for companies of any size. This powerhouse is the channel leader in phishing simulations.
- An extensive library of security and compliance training videos in eight languages
- Plug-and-play or customizable phishing training campaign kits
- New videos arrive 4x per month and new phishing kits are added regularly
- Easy, automated training delivery through a personalized user portal
You’ll love our latest integration between BullPhish ID and Graphus! If you’re already using BullPhish ID for security and compliance awareness training and phishing simulations, you’ll love our latest integration Advanced Phishing Simulations (Drop-A-Phish). This feature leverages the power of integration with Graphus to eliminate the need for domain whitelisting and ensure 100% campaign deliverability to end users when running phishing simulations. LEARN MORE>>
Dark web monitoring
Dark Web ID offers best-in-class dark web intelligence, reducing credential compromise risk.
- 24/7/365 monitoring using real-time, machine and analyst-validated data
- Fast alerts of compromises of business and personal credentials, including domains, IP addresses and email addresses
- Live dark web searches find compromised credentials in seconds
- Create clear and visually engaging risk reports
Automated, AI-powered antiphishing email security
Graphus AI-enabled, automated email security that catches 99.9% of sophisticated phishing threats and offers amazing benefits.
- Forget old-fashioned safe sender lists. Graphus analyzes the content of messages using more than 50 points of comparison to suss out fakes fast.
- Cloud-native security harnesses machine learning to inform AI using a patented algorithm.
- 3 layers of powerful protection at half the cost of competing solutions
- Don’t waste time on fussy configurations or adding threat reports. AI does that for you, getting everything up and running with just a few clicks and minimal maintenance.
Make sure your clients have all the bases covered with the Computer Security To-Do Checklist! GET IT>>
Register Now for the Q4 Security Suite Product Update Webinar
Get all of your security product update news in one place at our Q4 Security Suite Product Update Webinar on October 25, 2022, at 12 pm ET. Find out about the latest innovations and integrations plus what’s next for BullPhish ID, Dark Web ID, Graphus and Passly! REGISTER NOW>>
October 13: Cybersecurity Summit in Scottsdale REGISTER NOW>>
October 18: Cybersecurity Roundtable: BEC REGISTER NOW>>
October 19: 15-Minute Demo: Graphus AI-Driven Email Security REGISTER NOW>>
October 25: Security Suite Product Update Webinar REGISTER NOW>>
October 25-26: Southwest US Summit REGISTER NOW>>
November 2-3: ChannelPro SMB Forum 2022: Los Angeles REGISTER NOW>>
December 6: Connect IT Local – Atlanta REGISTER NOW>>
December 8: Connect IT Local – Miami REGISTER NOW>>
Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
ID Agent Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!