
The Week in Breach News: 11/01/23 – 11/07/23

November 08, 2023

This week: Bad actors fly in to snatch data from Boeing, over 1 million Cook County Health patients have data exposed, an attack on Südwestfalen IT paralyzes 70 German municipalities and a look at 10 reasons why businesses should conduct monthly pen testing.





Ace Hardware

https://www.securityweek.com/cyberattack-disrupts-ace-hardwares-operations/

Exploit: Hacking

Ace Hardware: Retailer


Risk to Business: 1.627 = Extreme

Ace Hardware is experiencing continued operational disruptions after a cyberattack crippled most of its IT systems. The October 29 incident knocked out key IT systems including UK/EU ACENET, the company’s warehouse management systems, the Ace Retailer Mobile Assistant (ARMA), Hot Sheets, invoicing and Ace Rewards as well as the company’s customer care center phones. Shipments to customers have also been interrupted. A company statement said that 1,202 devices including 196 servers were impacted by the attack.

How It Could Affect Your Customers’ Business: Today’s retailers are more reliant on technology than ever before and need to prioritize cybersecurity to avoid costly downtime.

Kaseya to the Rescue: Every company needs to be ready for trouble with an incident response plan in place to minimize downtime and speed up recovery. This checklist can help. DOWNLOAD CHECKLIST>>


Henry Schein

https://www.bleepingcomputer.com/news/security/blackcat-ransomware-claims-breach-of-healthcare-giant-henry-schein/

Exploit: Ransomware

Henry Schein: Healthcare Solutions Provider


Risk to Business: 1.741 = Severe

Fortune 500 healthcare solutions company Henry Schein has disclosed that it has been hit by a ransomware attack that knocked out some of its systems. The company said that the October 15 attack forced it to take some systems offline including its manufacturing and distribution businesses, but its Henry Schein One practice management software has not been impacted. The ALPHV/BlackCat ransomware group has claimed responsibility for the attack, boasting that it snatched 35 TB of data.  

How It Could Affect Your Customers’ Business: Cybercriminals know that they can make money fast by knocking out linchpins in an industry’s supply chain.

Kaseya to the Rescue:  An endpoint detection and response solution can help businesses stop the spread of a cyberattack fast. This checklist helps you find the right one. DOWNLOAD IT>>


Mr. Cooper

https://nationalmortgageprofessional.com/news/mr-cooper-locked-down-cyber-attack

Exploit: Ransomware

Mr. Cooper: Mortgage Lender


Risk to Business: 1.603 = Severe

Texas-based mortgage company Mr. Cooper (previously Nationstar Mortgage LLC) has fallen victim to a cyberattack that is snarling its operations. The October 31 attack knocked out the company’s online payment system, but the company has reassured customers that they will not incur fees or any negative impacts from the outage. Mr. Cooper said that it is working to resolve the situation as quickly as possible.

How It Could Affect Your Customers’ Business: A hit on a mortgage company can be a goldmine for bad actors because of the wide variety of data lenders hold.

Kaseya to the Rescue: This infographic shows you the benefits you gain when choosing a managed security operations center instead of building your own. DOWNLOAD IT>>


Boeing

https://www.bleepingcomputer.com/news/security/boeing-confirms-cyberattack-amid-lockbit-ransomware-claims/

Exploit: Ransomware

Boeing: Aerospace Company


Risk to Business: 2.740 = Moderate

The LockBit ransomware group has claimed that it has successfully landed a hit on Boeing. The aerospace giant confirmed that its parts and distribution arm did fall victim to a ransomware attack. Boeing was quick to say that the attack would not impact flight safety. The company said that it is investigating the incident and has hired a third-party security firm to help, along with seeking help from law enforcement.

How It Could Affect Your Customers’ Business: Cybercriminals are going after infrastructure targets relentlessly, and the elevated threat level calls for elevated security.

Kaseya to the Rescue:  Explore how security awareness training helps organizations defend against today’s most dangerous cyber threats in this infographic. DOWNLOAD IT>> 


Allied Pilots Association (APA)

https://therecord.media/american-airlines-pilot-union-cyberattack

Exploit: Ransomware

Allied Pilots Association (APA): Trade Union


Risk to Business: 2.673 = Moderate

The union that represents an estimated 15,000 American Airlines pilots, the Allied Pilots Association, has suffered a ransomware attack. The group said in a statement that the attack occurred on October 30. The union assured members that its team is working “nonstop” to restore its systems. APA said that its restoration efforts would prioritize pilot-facing systems and tools, with full operations expected to be restored over time.

How it Could Affect Your Customers’ Business: Members may lose confidence in an association that experiences a successful cyberattack.

Kaseya to the Rescue:  Ransomware is a major threat to all organizations, not just businesses. Learn more about ransomware and get tips to mitigate risk in Ransomware 101. DOWNLOAD IT>>


Cook County Health

https://www.cbsnews.com/chicago/news/cook-county-health-warns-of-data-breach-for-1-2-million-patients-at-medical-transportation-firm/

Exploit: Supply Chain Attack

Cook County Health: Health System


Risk to Business: 1.612 = Severe

One of the largest healthcare systems in the U.S., Cook County Health in Illinois, is informing patients that their data may have been exposed in a data breach at one of their former service providers. The service provider, Perry Johnson & Associates (PJ&A), was a former medical transportation services provider for the system’s hospitals and clinics. PJ&A informed the county of the data breach in July 2023, saying that an unauthorized individual accessed systems where patient data was stored in April 2023. The records for 1.2 million patients including names, dates of birth, addresses, medical record numbers, encounter numbers, medical information and dates and times of service were potentially exposed.

How it Could Affect Your Customers’ Business: Every relationship that a business has with a service provider or supplier can be a vector for a cyberattack.

Kaseya to the Rescue: In The Comprehensive Guide to Third Party and Supply Chain Risk, you’ll learn how these risks emerge and what you can do to mitigate them. DOWNLOAD IT>> 



Mexico – Querétaro Intercontinental Airport

https://therecord.media/queretaro-international-airport-mexico-cyberattack

Exploit: Human Error

Querétaro Intercontinental Airport: Airport


Risk to Business: 2.002 = Severe

Querétaro Intercontinental Airport, a major transportation hub that served more than 1.1 million travelers in 2022, has fallen victim to a cyberattack. Officials said that some of the airport’s systems were damaged after an employee downloaded a file containing malware. Traveler safety was not impacted. The LockBit ransomware group has claimed responsibility for the attack. The group has threatened to release the data it claims to have stolen if the unnamed ransom isn’t paid by November 28.  

How it Could Affect Your Customers’ Business: One careless employee can make a mistake that causes a huge cybersecurity problem for their employer.

Kaseya to the Rescue: This checklist can help businesses determine if they’re making all the right moves to prevent email-based cyberattacks. DOWNLOAD IT>>





Germany – Südwestfalen IT

https://therecord.media/massive-cyberattack-hinders-services-in-germany

Exploit: Ransomware

Südwestfalen IT: IT Service Provider


Risk to Business: 1.316 = Extreme

An estimated 70 German municipalities have been paralyzed by a ransomware attack on IT service provider Südwestfalen IT. The company said that to prevent the spread of ransomware it had been forced to take many systems offline. That move limited or blocked access to digital infrastructure for 70 municipal governments, mostly in the western German state of North Rhine-Westphalia. The attack left municipal governments reeling during a busy end-of-the-month period with outages all over the region. The incident is under investigation. 

How it Could Affect Your Customers’ Business: Service providers are prime targets for cyberattacks, and their risk is only rising as the world becomes more interconnected.

Kaseya to the Rescue: See how security awareness training helps keep cybersecurity threats from becoming cybersecurity disasters. DOWNLOAD INFOGRAPHIC>>



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident.





A new integration between Compliance Manager GRC and BullPhish ID is here


BullPhish ID and Compliance Manager GRC are working together to make IT professionals’ lives easier with a new integration. By importing Evidence of Compliance data from BullPhish ID, you can reduce the time spent collecting data to address compliance controls. Learn more about how to put this integration to work for you in the Release Notes. READ THE RELEASE NOTES>>





Download “When Email Attacks: How to Develop Your Employees’ Phishing Defense Superpowers”


Are you wondering how to transform employees from security risks to security heroes? This guide gives you the secret formula! Download our eBook now to gain insight into important training concerns like:

  • The most crucial components of security awareness training
  • How to maintain a culture of security, even with remote workers
  • Ways to overcome common obstacles to security training success

DOWNLOAD IT>> 





Frequent Penetration Testing for Businesses is Becoming Mission-Critical


In today’s turbulent digital age, the cybersecurity threat landscape moves at lightning speed. Cyberattacks are becoming increasingly sophisticated and prevalent, with threats evolving every day. IT professionals need every advantage they can get to keep up. One effective strategy for assessing and strengthening an organization’s cybersecurity is frequent penetration testing or pen testing. This game-changing tool simulates real-world cyberattacks on a business’s systems and networks to identify vulnerabilities before malicious actors can exploit them. In the past, businesses only conducted a pen test once a year because of high costs. However, automation has made it possible for businesses to pen test every month affordably, enabling them to stay a step ahead of the game. 




10 Reasons Why Monthly Pen Testing is a Smart Idea 


Here are ten reasons why businesses should invest in more frequent penetration testing and the benefits it can bring. 

1. Evolving Threat Landscape

The cybersecurity landscape is constantly evolving, with cybercriminals developing new techniques and tools to breach security measures daily. In 2022, researchers noted 25 thousand new common IT vulnerabilities. As a result, the need for businesses to keep their defenses up to date is more critical than ever. Hackers are continually refining their attack methods, and vulnerabilities that were once considered minor could be exploited in creative ways. Frequent penetration testing helps organizations stay one step ahead of cyber threats by identifying vulnerabilities in their systems and applications before they become disasters. 

2. Protecting Sensitive Data 

Data is a valuable asset, and bad actors are dying to get their hands on it. Businesses may store a wide variety of sensitive information such as customer data, intellectual property, financial records and trade secrets that bad actors can sell for a profit. A data breach can have severe consequences, including financial loss, damage to reputation and legal liabilities. The global average cost of a data breach in 2023 is $4.45 million. Frequent penetration testing can help safeguard sensitive data by identifying vulnerabilities that could be exploited by attackers. By proactively assessing security measures through pen testing, businesses can better protect their networks and data. 




3. Regulatory Compliance 

Many industries are subject to regulatory requirements that mandate certain cybersecurity measures must be in place, while others require businesses to meet certain cybersecurity standards. Frequent penetration testing can help businesses assess their compliance with these regulations. By performing regular assessments and addressing vulnerabilities promptly, organizations have a better chance of avoiding costly penalties and legal consequences. 

4. Early Detection of Vulnerabilities 

Identifying vulnerabilities before they are exploited is essential. The breakneck pace of cybersecurity today means that vulnerabilities are popping up faster than ever, with 55 new software vulnerabilities discovered every day.  Frequent penetration testing allows businesses to catch vulnerabilities early in their lifecycle, reducing the window of opportunity for cybercriminals. It also allows for more proactive and efficient remediation, minimizing potential damage and security breaches. 

5. Reducing Security Costs  

Addressing cybersecurity incidents and data breaches can be punishingly expensive for a business. Frequent penetration testing is a proactive investment in cybersecurity that can help reduce the financial impact of security incidents. The cost of conducting penetration tests is far lower than dealing with the huge expenses that a company can incur in the aftermath of a data breach, including legal expenses, fines and damage to reputation. Those costs jump up every year too. IBM researchers noted a 15% increase in data breach costs over the last three years. 

6. Improved Incident Response 

While penetration testing focuses on identifying vulnerabilities, it also helps businesses refine their incident response plans. In the event of a real cyberattack, having a well-practiced response plan in place can significantly minimize the damage and downtime. Maintaining a formal, tested incident response plan is a critical element of building a company’s cyber resilience. Frequent testing enables organizations to fine-tune their incident response procedures and improve their overall readiness.  




7. Competitive Advantage 

Customers and clients are becoming increasingly security-conscious. By publicly demonstrating a commitment to cybersecurity through frequent penetration testing and a strong security posture, businesses can gain a competitive advantage. A robust security framework can be a selling point that differentiates a company from its competitors and instills trust in customers. 

8. Protection Against Insider Threats 

Insider threats, whether intentional or unintentional, pose a significant risk to organizations. Frequent penetration testing can help identify vulnerabilities that could be exploited by employees, contractors, or partners with malicious intent. It also helps in uncovering areas where additional training or policy enforcement may be necessary to mitigate insider threats. Cybersecurity Insiders determined that more than 60% of companies experienced a dangerous insider threat in 2022. 

9. Scalability and Change Management 

Businesses are not static entities. They grow, change, and adopt new technologies and systems. Frequent penetration testing allows organizations to adapt their security measures to these changes, ensuring that new systems and applications are assessed for vulnerabilities. Scalability and change management become more effective and secure with ongoing testing. 

10. Trust and Reputation 

A data breach can have long-lasting effects on a business’s reputation and trustworthiness. Frequent penetration testing demonstrates a commitment to security, reassuring customers, partners, and stakeholders that their information is being safeguarded. Trust and reputation are valuable assets that can be protected through continuous cybersecurity efforts. Consumers do not like doing business with companies that fall victim to cyberattacks. In a study, 3 in 4 respondents said that they would stop doing business with a company that fell victim to a cyberattack or experienced a data breach.  

The importance of frequent penetration testing for businesses cannot be overstated. In an ever-evolving threat landscape, organizations must be proactive in identifying and mitigating vulnerabilities to protect sensitive data, comply with regulations and maintain their reputation. By investing in monthly penetration testing, businesses can stay ahead of cyber threats, reduce security costs and demonstrate a commitment to cybersecurity that can set them apart in today’s competitive business environment.  




Find Solutions That Solve Problems in the Kaseya Security Suite


Kaseya’s Security Suite has the tools that IT professionals need to mitigate cyber risk easily and affordably.

BullPhish ID — This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.   

Dark Web ID — Our award-winning dark web monitoring solution is the channel leader for a good reason: it provides the greatest amount of protection around with 24/7/365 human and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.  

Graphus — Automated email security is a cutting-edge solution that puts three layers of AI-powered protection between employees and phishing messages. It works equally well as a standalone email security solution or supercharges your Microsoft 365 and Google Workspace email security.    

Kaseya Managed SOC powered by RocketCyber — Our managed cybersecurity detection and response solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.    

Datto EDR — Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require).    

Vonahi Penetration Testing – How sturdy are your cyber defenses? Do you have dangerous vulnerabilities? Find out with vPenTest, a SaaS platform that makes getting the best network penetration test easy and affordable for internal IT teams. 





TODAY! Cybersecurity Jeopardy

November 8 | 1 PM ET / 10 AM PT
Join Us for Cybersecurity Trivia and Prizes!

Are you ready to brush up on your cybersecurity knowledge with experts? Don’t miss the thrilling competition you know and love, with fresh surprises and new opportunities for you to win big! Secure your spot now and register for the ultimate cybersecurity showdown – it’s time to play Cybersecurity Jeopardy! REGISTER NOW>>

November 9:  Kaseya + Datto Connect Local Manchester REGISTER NOW>>

November 9: Kaseya + Datto Connect Local Montreal REGISTER NOW>>

November 14 – 16: Kaseya DattoCon APAC Sydney  REGISTER NOW>>

November 14: Kaseya + Datto Connect Local New Haven (Virtual) REGISTER NOW>>

November 15: Set-It-and-Forget-It Security Awareness Training REGISTER NOW>>

November 16: Kaseya + Datto Connect Local Pittsburgh (Virtual) REGISTER NOW>>

November 23: Kaseya + Datto Connect Local Antwerp, Belgium REGISTER NOW>>

November 28: Kaseya + Datto Connect Local El Segundo REGISTER NOW>>

December 5: Kaseya + Datto Connect Local Orlando REGISTER NOW>>



Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>


Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!



Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!

LEARN MORE>>


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>


Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!

SCHEDULE IT NOW>>