The Week in Breach News: 10/18/23 – 10/24/23
This week: Two big ransomware hits on healthcare targets, ALPHV/BlackCat snatches data from a bank equipment firm, a new checklist to help you find the right EDR solution and a look at 8 good cybersecurity habits to cultivate.
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
Ampersand
https://therecord.media/ampersand-television-advertising-sales-company-ransomware
Exploit: Ransomware
Ampersand: Analytics Agency
Risk to Business: 2.403 = Moderate
Television advertising giant Ampersand has admitted that it has become the victim of a cyberattack. The Black Basta ransomware has claimed responsibility. Ampersand provides viewership data about an estimated 85 million households to advertisers. The company said that it experienced a ransomware incident that briefly interrupted regular operations last week. No word on what if any data was stolen or any ransom demand.
How It Could Affect Your Customers’ Business: Companies like this often hold large quantities of valuable data making them attractive targets.
Kaseya to the Rescue: Every company needs to be ready for trouble with an incident response plan in place to minimize downtime and speed up recovery. This checklist can help. DOWNLOAD CHECKLIST>>
AIDS Alabama
https://thecyberexpress.com/aids-alabama-data-breach-update/
Exploit: Ransomware
AIDS Alabama: Non-Profit
Risk to Business: 1.211 = Extreme
Charity AIDS Alabama has disclosed that the organization has experienced a data breach of some very sensitive data. AIDS Alabama said that the breach occurred between October 11, 2021, and August 9, 2022. The exposed data includes sensitive personal information, including names, addresses, Social Security numbers, medical diagnoses, healthcare providers, health insurance details, email addresses and services received.
How It Could Affect Your Customers’ Business: Organizations that hold this kind of highly sensitive medical data need to put especially strong protection in place.
Kaseya to the Rescue: See how the solutions in Kaseya’s Security Suite help IT professionals minimize risk, avoid cyberattacks and build a cyber-savvy workforce. WATCH THE WEBINAR>>
Orange County District Attorney
https://voiceofoc.org/2023/10/orange-county-district-attorney-hit-with-cyberattack/
Exploit: Hacking
Orange County District Attorney: Government Agency
Risk to Business: 1.873 = Moderate
The Orange County, California District Attorney’s Office has disclosed that it has been the victim of a cyberattack. A spokesperson for the office said that the office’s IT systems were hacked last weekend, resulting in portions of the system being shut down to limit damage. The agency’s ability to send and receive email was affected. The agency also said that it is investigating the incident in concert with the U.S. Federal Bureau of Investigation. The spokesperson was unable to comment on whether or not this was a ransomware attack, or if any data was stolen. The Orange County Sheriff’s Department said that it had severed its connection with the DA’s office to minimize its cyber risk after it was informed of the hack.
How It Could Affect Your Customers’ Business: Government agencies have been prime targets for bad actors looking for a quick payday.
Kaseya to the Rescue: What cyberattacks are the most popular this year, and what should you be preparing for in 2024? This webinar tells you everything. WATCH WEBINAR>>
Quality Service Installation (QSI)
https://thecyberexpress.com/blackcat-claims-qsi-banking-cyberattack/
https://securityaffairs.com/152486/cyber-crime/alphv-ransomware-morrison-community-hospital.html
Exploit: Ransomware
Quality Service Installation (QSI): Bank Equipment Company
Risk to Business: 1.710 = Severe
The busy ALPHV/BlackCat ransomware group has also claimed responsibility for a ransomware attack on banking equipment provider Quality Service Installation (QSI). The company is a major supplier of NCR cash handling solutions including ATMs. The group says that it stole a wide variety of data including financial, client, personal and product-related data from the QSI INC cyberattack. They also claimed that they nabbed SQL base data amounting to 5TB in the October 14 incident.
How It Could Affect Your Customers’ Business: the data stolen in this incident could be very beneficial to other criminals.
Kaseya to the Rescue: Explore how security awareness training helps organizations defend against today’s most dangerous cyber threats in this infographic. DOWNLOAD IT>>
Kwik Trip
Exploit: Hacking
Kwik Trip: Convenience Store Chain
Risk to Business: 1.673 = Severe
The convenience store chain Kwik Trip has finally admitted that it suffered a cyberattack that caused some operational disruption. The incident started two weeks ago, but the company claimed it was having a network problem and did not experience a cyberattack. However, customers were concerned that their data had been exposed. The company’s Kwik Rewards Program, support systems, phones and email were all knocked offline and are being restored.
How it Could Affect Your Customers’ Business: Consumers don’t like doing business with companies that put their data at risk.
Kaseya to the Rescue: Learn more about ransomware risk and the ways that IT professionals can keep companies out of trouble in our eBook Ransomware 101 DOWNLOAD IT>>
Arietis Health
Exploit: Hacking
Arietis Health: Revenue Cycle Management Company
Risk to Business: 1.612 = Severe
Arietis Health is the latest victim of the MOVEit exploit. The medical billing company is informing its partners that they may have had their patients’ data stolen. The incident has impacted more than 1.9 million individuals across more than 50 healthcare organizations. A variety of patient data was exposed including names, driver’s license numbers, Social Security numbers, dates of birth, medical record numbers, patient account numbers, diagnosis and treatment information, health insurance information, and prescription and provider information.
How it Could Affect Your Customers’ Business: The MOVEit exploit spree has hit an estimated 1k businesses worldwide.
Kaseya to the Rescue: Learn more about how our Security Suite can help MSPs protect their clients from expensive and damaging cyberattacks and other information security trouble. GET THE FACT SHEET>>
Learn more about growing supply chain risk for businesses and how to mitigate it in a fresh eBook. DOWNLOAD IT>>
United Kingdom – Volex
https://therecord.media/manufacturing-giant-hit-with-cyberattack
Exploit: Hacking
Volex: Electronics Manufacturer
Risk to Business: 2.002 = Severe
UK-based electronics and cabling manufacturing company Volex said that it was hit by a cyberattack that impacted its IT systems. The company said that bad actors gained access to its network last week. Volex was quick to reassure customers that all of its worksites remain operational, with minimal disruption expected in its global production. The company also said that it has hired a third-party firm to investigate the incident.
How it Could Affect Your Customers’ Business: Manufacturers have been increasingly under fire from cybercrime groups
Kaseya to the Rescue: This checklist can help businesses determine if they’re making all the right moves to prevent email-based cyberattacks. DOWNLOAD IT>>
See the path from a cyberattack to a defensive success with managed SOC in this infographic. GET IT>>
Taiwan – D-Link
https://thehackernews.com/2023/10/d-link-confirms-data-breach-employee.html
Exploit: Hacking
D-Link: Network Hardware Manufacturer
Risk to Business: 2.716 = Moderate
D-Link, a leading manufacturer of routers, has experienced a data breach. The company claims that the data was not from the cloud but likely originated from an old D-View 6 system. D-Link said that the data was used for registrations in 2015. D-Link was involved in another data breach incident just two weeks ago after bad actors posted samples of the source code for D-Link’s D-View network management software on a dark web forum.
How it Could Affect Your Customers’ Business: two data breaches in under a month is not a good look for any company.
Kaseya to the Rescue: See how security awareness training helps keep cybersecurity threats from becoming cybersecurity disasters. DOWNLOAD INFOGRAPHIC>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident
Explore how AI technology helps businesses mount a strong defense against phishing GET INFOGRAPHIC>>
New and updated phishing simulation kits are here!
Three new phishing simulation kits are available now in BullPhish ID
- Service Desk (new)
- BambooHR – Important Documents V2 (updated)
- Better Business Bureau – Customer Dispute (updated)
Learn more in the BullPhish ID Release Notes.
How much is data really worth on the dark web? Find out in The IT Professionals Guide to the Dark Web! GET EBOOK>>
Get your “10 Things to Look for When Buying an EDR Solution” checklist
Choosing the right endpoint detection and response (EDR) solution can be a daunting task. It needs to fit your budget and have necessary management, reporting and cybersecurity detection and response functions. This checklist shows you what to look out for when shopping for an EDR solution.
DOWNLOAD THE CHECKLIST>>
Did you miss…The 2023 edition of The Comprehensive Guide to Third-party and Supply Chain Risk? DOWNLOAD IT>>
Find out about five of today’s biggest dark web threats to businesses in this infographic. DOWNLOAD IT>>
8 Good Security Habits for IT Professionals to Cultivate
IT professionals play a critical role in ensuring the security of the vast digital landscapes that power our world. Cyber threats are constantly evolving, and IT professionals must continually adapt. Part of that adaptation strategy includes maintaining good security habits to protect their organizations and systems. While developing security policies and instituting training requirements is critical for making sure users practice good security hygiene, it’s even more important to ensure that IT professionals do too. Cybersecurity Awareness Month is a good time for IT professionals to take a look at best practices, tools and strategies that can set them up for success. A recent Gartner report detailed some of the habits that top CISOs cultivate, providing interesting insight for anyone working to protect businesses from cyber trouble.
What cybercriminal tricks do employees fall for in phishing simulations? Find out in this infographic. GET IT>>
Understanding the Stakes
IT professionals are driving the ship when it comes to security, performing a mission-critical role for their company or clients. The consequences of security breaches can be devastating, resulting in financial losses, reputational damage and even legal consequences. IT professionals must approach their work with the mindset that their vigilance and expertise can make all the difference in preventing cyberattacks. Unfortunately, people outside the IT team can make the IT team’s job much harder, especially if they don’t understand their security responsibilities – 45% of respondents in a HIPAA Journal survey said that they don’t need to worry about cybersecurity safeguards because they don’t work in the IT department.
Getting support and buy-in from everyone in an organization is essential for any security strategy to succeed. One way that top CISOs do that is by cultivating relationships within the organization outside the context of an IT project, an important habit cited by 67% of the CISOs surveyed. Another thing that successful CISOs pointed to as an important practice is to talk about security with everyone, frequently. The survey found that 77% of top-performing CISOs regularly initiate conversations about security issues and topics like hacking and threat attribution with people who are not in the IT department.
The world of cybersecurity is dynamic and ever-changing. 69% of top-performing CISOs dedicate recurring time on their calendars for their own professional development. Threats emerge daily, and new vulnerabilities are discovered regularly. IT professionals must stay informed about the latest developments in the field. Part of staying informed includes staying informed about what’s next. The same survey discovered that 63% of top-performing CISOs make time to explore using and securing emerging technologies like artificial intelligence (AI), machine learning (ML) and blockchain.
Find out how Datto EDR helps with Health Insurance Portability and Accountability Act (HIPAA) compliance. GET INFO>>
8 Good cybersecurity habits to cultivate
Developing these 8 habits can help foster security success
- Stay informed to stay ahead of the game
Intelligence is a key aspect of any security plan, and that’s not just limited to the reports generated by a company’s security solutions. IT professionals must stay informed about threats and trends. It pays to cultivate these habits:
a. Continuous Learning: Enroll in courses, certifications, and training programs to stay updated with the latest security trends, tools, and techniques.
b. Joining Professional Communities: Engage with security-focused forums, mailing lists, and organizations to network with peers and gain insights into emerging threats.
c. Reading Industry Reports: Regularly review security reports, publications, and blogs to gain a broader perspective on current security issues and trends.
2. Keep Systems and Software Up to Date
Outdated software and systems are often the weakest links in an organization’s security. IT professionals should make it a habit to:
a. Install Updates Promptly: Ensure that all systems and software are updated as soon as security patches become available.
b. Regularly Audit and Remove Unused Software: Remove any unnecessary or unused software to reduce potential attack surfaces.
3. Back Up Data Regularly
Data loss can be catastrophic. IT professionals should implement and maintain a robust data backup strategy:
a. Set Up Automated Backups: Automate the backup process to ensure data is regularly and consistently saved.
b. Test Backup Restorations: Periodically test the restoration process to verify that backups are functional.
4. Develop Incident Response Plans
Despite all preventive measures, security incidents can still occur. IT professionals should be prepared with comprehensive incident response plans:
a. Create a Response Team: Develop a dedicated team responsible for handling security incidents.
b. Test Response Procedures: Regularly conduct exercises and drills to ensure an effective response in the event of a breach.
Explore how AI technology helps businesses mount a strong defense against phishing GET INFOGRAPHIC>>
5. Security Policy Enforcement
Consistency is key in maintaining good security habits. IT professionals should establish and enforce security policies within their organizations. Start practicing these habits:
a. Create Written Policies: Develop clear, well-documented security policies and procedures for all employees.
b. Educate Employees: Ensure that all staff members are aware of these policies and understand their importance.
c. Enforce Policies: Monitor and enforce compliance with security policies, including disciplinary actions if necessary.
6. Implement Strong Access Control
Access control is vital for keeping sensitive information secure and can prevent many bad outcomes like a data breach, a ransomware attack or malicious insider activity. These tips help maintain it:
a. Role-Based Access: Assign access permissions based on job roles and the principle of least privilege to minimize data exposure.
b. Regularly Review Access: Continuously monitor and update access controls to match organizational changes.
7. Vulnerability Scanning and Penetration Testing
Finding and fixing vulnerabilities prevents damaging incidents, and penetration testing helps IT professionals find security gaps before the bad guys do. Make both of these regular habits:
a. Conduct Vulnerability Scanning: Use automated tools to scan systems for potential vulnerabilities.
b. Perform Penetration Testing: Simulating real-world attacks has become so affordable with automation technology that businesses can test once per month instead of once per year.
8. Maintain Proper Documentation
Good documentation is essential for managing and securing IT systems. These tips help you achieve it:
a. Document Network Configurations: Keep records of network configurations, which can be invaluable in case of incidents.
b. Maintain an Inventory: Document all hardware and software assets, including their configurations and patch status.
Find out about five of today’s biggest dark web threats to businesses in this infographic. DOWNLOAD IT>>
Get must-have tools for protecting businesses from cybercrime with Kaseya’s Security Suite
Developing and maintaining good security habits is essential for IT professionals to protect their organizations from cyber threats. These habits, which include staying informed, practicing strong password policies and keeping systems up to date, are critical to safeguarding data and systems. By implementing these best practices and continually adapting to the evolving threat landscape, IT professionals can play a pivotal role in ensuring the security and integrity of their organization’s digital assets.
BullPhish ID — This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.
Dark Web ID — Our award-winning dark web monitoring solution is the channel leader for a good reason: it provides the greatest amount of protection around with 24/7/365 human and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.
Graphus — Automated email security is a cutting-edge solution that puts three layers of AI-powered protection between employees and phishing messages. It works equally well as a standalone email security solution or supercharges your Microsoft 365 and Google Workspace email security.
Kaseya Managed SOC powered by RocketCyber — Our managed cybersecurity detection and response solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.
Datto EDR — Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require).
Vonahi Penetration Testing – How sturdy are your cyber defenses? Do you have dangerous vulnerabilities? Find out with vPenTest, a SaaS platform that makes getting the best network penetration test easy and affordable for internal IT teams.
What cybercriminal tricks do employees fall for in phishing simulations? Find out in this infographic. GET IT>>
The New Security Paradox: Offensive vs Defensive AI
November 1, 2023 | 1:00 PM ET/10 AM PT
AI and machine learning technologies have been around for many years, however, in the past year they’ve taken a whole new evolutionary leap. With the seemingly daily rollouts of new AI chatbots and tools, there is a race underway to use AI in novel ways which presents both challenges and opportunities for cybersecurity professionals. Join us for a deep dive into the current and future cybersecurity AI landscape and explore how we use AI at Graphus to protect our customers from cyberattacks.
Cybersecurity Roundtable Series: State of the MSP Webinar
November 1, 2023 | 1:00 PM ET/10 AM PT
AI and machine learning technologies have been around for many years, however, in the past year they’ve taken a whole new evolutionary leap. With the seemingly daily rollouts of new AI chatbots and tools, there is a race underway to use AI in novel ways which presents both challenges and opportunities for cybersecurity professionals. Join us for a deep dive into the current and future cybersecurity AI landscape and explore how we use AI at Graphus to protect our customers from cyberattacks.
REGISTER NOW>>
October 26: Kaseya + Datto Connect Local San Francisco REGISTER NOW>>
November 2: Kaseya + Datto Connect Local New York REGISTER NOW>>
November 7: Kaseya + Datto Connect Local New York REGISTER NOW>>
November 7: Kaseya + Datto Connect Local London REGISTER NOW>>
November 9: Kaseya + Datto Connect Local Manchester REGISTER NOW>>
November 14: Kaseya + Datto Connect Local Montreal REGISTER NOW>>
November 14 – 16: Kaseya DattoCon APAC REGISTER NOW>>
November 16: Kaseya + Datto Connect Local Pittsburgh REGISTER NOW>>
November 30: Kaseya + Datto Connect Local Long Beach REGISTER NOW>>
December 5: Kaseya + Datto Connect Local Orlando REGISTER NOW>>
December 7: Kaseya + Datto Connect Local Symposium Miami REGISTER NOW>>
December 12: Kaseya + Datto Connect Local Arlington TX (Dallas Area) REGISTER NOW>>
December 14: Kaseya + Datto Connect Local New Orleans REGISTER NOW>>
December 19: Kaseya + Datto Connect Local St. Petersburg, FL REGISTER NOW>>
Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!
Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>
See Graphus in action in an on-demand video demo WATCH NOW>>
Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!