Please fill in the form below to subscribe to our blog

The Week in Breach News: 11/20/24 – 11/26/24

November 27, 2024

This week: A cyberattack impacts payroll at Starbucks; grocery store operations are knocked out just before the start of the winter holiday season; a new eBook on how to profit from managed detection and response (MDR); and nine new Microsoft-centered phishing simulations.



Curious about what has happened in cybersecurity in 2024 including the rise of AI? READ OUR REPORT>>



Starbucks

https://seekingalpha.com/news/4331713-starbucks-struggles-with-cafe-operations-after-cyberattack-on-software-supplier-report

Exploit: Third-Party Cyberattack

Industry: Restaurant

cybersecurity news represented by agauge showing severe risk

A ransomware attack on an unnamed third-party software supplier has disrupted Starbucks’ scheduling and payroll systems, forcing cafe managers to manually track employee hours. Beginning last week, the outage has prevented employees from viewing schedules or accurately logging worked hours. To mitigate the issue, Starbucks is paying employees for scheduled shifts, which could result in overpayments or underpayments. The company emphasized its commitment to ensuring employees are fully compensated once the issue is resolved. Customer service has remained unaffected, and Starbucks is working with the impacted vendor to restore normal operations. (UPDATE 11/27: Some news outlets have identified the software provider as Blue Yonder)

How It Could Affect Your Customers’ Business: This incident underscores the broader vulnerabilities businesses face from supply chain cyberattacks.

Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from often email-based cyberattacks like ransomware in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>


Blue Yonder

https://www.cnn.com/2024/11/24/business/ransomware-attack-blue-yonder/index.html

Exploit: Hacking

Industry: Software

cybersecurity news represented by agauge showing severe risk

Software supply-chain company Blue Yonder, owned by Panasonic, reported a ransomware attack on November 21, 2024, affecting its private cloud services. The incident disrupted supply-chain operations for major grocery chains in the US and UK. In the UK, Morrisons and Sainsbury’s implemented backup processes to manage delays, with Morrisons citing impacts on the smooth flow of goods. US chains like Albertsons and Kroger, which rely on Blue Yonder, may also be affected. Blue Yonder is working on recovery but has not provided a timeline for restoration.

How It Could Affect Your Customers’ Business: It’s a disaster for grocery stores to have supply chain problems headed into the winter holiday season.

Kaseya to the Rescue:  Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>


International Game Technology (IGT)

https://therecord.media/gambling-lottery-giant-hit-with-disruptive-cyberattack

Exploit: Hacking

Industry: Entertainment

cybersecurity news gauge indicating extreme risk

International Game Technology (IGT) experienced a cyberattack last week that disrupted parts of its internal IT systems, forcing some parts of its network offline. The company, a major provider of gambling machines, lottery systems and sports betting technology, disclosed the incident in a filing with the SEC on Tuesday. IGT has implemented workarounds to maintain customer service and is assessing the financial impact of the breach.

How It Could Affect Your Customers’ Business: This incident highlights ongoing cybersecurity risks in the gambling and tech industries.

Kaseya to the Rescue: See how an antiphishing solution that leverages AI and automation can help businesses stop phishing economically. DOWNLOAD EBOOK>>


Belle Tire

https://cybernews.com/news/belle-tire-data-breach-exposed-thousands

Exploit: Hacking

Industry: Automotive

cybersecurity news gauge indicating extreme risk

Belle Tire, a major U.S. automotive retailer, recently informed the Maine Attorney General that the company suffered a cyberattack in early summer 2024 in which the personal details of nearly 30,000 people were exposed. In the June breach, bad actors snatched a wide variety of data, including names, addresses, birth dates, Social Security numbers and driver’s licenses. The century-old company, operating 182 locations, is notifying affected individuals and taking steps to address the breach.

How It Could Affect Your Customers’ Business: All retail operations experience significantly elevated cyber risk in November and December.

Kaseya to the Rescue:  Our infographic walks you through exactly how security awareness training prevents phishing from hooking unsuspecting employees. DOWNLOAD IT>>


DemandScience

https://siliconangle.com/2024/11/14/data-breach-exposes-122m-records-demandscience-following-initial-denials

Exploit: Hacking

Industry: Business Services

cybersecurity news represented by agauge showing severe risk

DemandScience, a B2B demand generation platform, has confirmed that a database containing information on 122 million individuals, circulating since February 2024, originated from its systems. The breach was first linked to a seller on the hacking forum BreachForums, who claimed the data was associated with Pure Incubation, DemandScience’s name in 2012. The incident came to light after a victim affected by the leak contacted the company and was informed that the data came from a decommissioned system retired two years ago, despite earlier denials from DemandScience.

How it Could Affect Your Customers’ Business: This incident underscores the persistent risks associated with legacy systems and poor data management practices.

Kaseya to the Rescue: Are you taking advantage of the amazing benefits you get when you combine RocketCyber Managed SOC and Datto EDR? This product brief outlines them all! DOWNLOAD IT>>


Learn to defend against today’s sophisticated email-based cyberattacks DOWNLOAD EBOOK>>



UK – Finastra

https://techcrunch.com/2024/11/20/fintech-giant-finastra-confirms-its-investigating-a-data-breach/

Exploit: Hacking

Industry: Finance

cybersecurity news represented by agauge showing severe risk

Finastra, a leading financial software firm, is investigating a data breach after a hacker claimed to have accessed its Secure File Transfer Platform (SFTP). Detected on November 7, the breach allegedly exposed 400GB of data, including client files and internal documents. Initial evidence points to credentials that were compromised. Finastra is working to identify affected customers while confirming that not all clients use the impacted platform. The company is prioritizing securing its systems and minimizing customer impact.

How it Could Affect Your Customers’ Business: The banking and financial services sector is one of the top three sectors hit by cybercriminals in 2024.

Kaseya to the Rescue:  Learn about five ways that businesses may be in danger of trouble from the dark web in an infographic that’s also perfect for sharing on social media! DOWNLOAD IT>>


AI phishing represented by a robotic face behind several conversation bubbles

See why choosing a smarter SOC is a smart business decision. DOWNLOAD AN EBOOK>>



Australia – Vogue Homes

https://www.cyberdaily.au/security/11405-exclusive-killsec-ransomware-gang-claims-alleged-hack-of-vogue-homes

Exploit: Hacking

Industry: Construction

cybersecurity news represented by a gauge indicating moderate risk

The KillSec ransomware group has named Vogue Homes, an Australian home builder, as a victim on its darknet site, alleging it stole substantial data. The hackers claim the breach includes personal information like names, contact details, addresses, financial records, customer data, project plans and signed contractual agreements. KillSec also released scanned documents, including a floor plan and signed agreements, to substantiate its claims. Vogue Homes has yet to comment on the alleged incident.

How it Could Affect Your Customers’ Business: Bad actors aren’t just on the hunt for personal and financial data, proprietary business data is also at risk.

Kaseya to the Rescue: Run more effective security awareness and phishing resistance campaigns with this infographic featuring 10 expert tips to maximize your training programs. DOWNLOAD IT>>


a red fish hook on dark blue semitransparent background superimposed over an image of a caucasian man's hands typing on a laptop in shades of blue gray

Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>



Read this week’s feature story: Dark Web Exposure From These 9 Sources Increases Cyberattack Risk


It doesn’t matter how big or small a business might be. If that business has any information exposed on the dark web, it is in danger of a cyberattack. Take a look at nine sources of dark web data that substantially elevate cyberattack risk and gain insight into ways to protect business data. READ THE STORY>>


Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>


Check out our 9 Office-themed phishing simulations


Microsoft is the most impersonated brand in the world and one of the brands that many employees interact with every day. These nine new phishing kits in three languages will help keep employees on their toes to spot and stop Microsoft Office-related phishing attempts. 

Office 365 – Suspension Notice  

  • Office 365 – Aviso de Suspensión (Spanish) 
  • Office 365 – Avis de Suspension (French) 
  • Office 365 – Aviso de Suspensão (Portuguese) 

Office 365 – Exchange Service Outage  

  • Office 365 – Interrupción del Servicio de Exchange (Spanish) 
  • Office 365 – Panne du Service Exchange (French) 
  • Office 365 – Interrupção do Serviço Exchange (Portuguese) 

Office 365 – Suspicious Login  

  • Office 365 – Inicio de Sesión Sospechoso (Spanish) 
  • Office 365 – Connexion Suspecte (French) 
  • Office 365 – Login Suspeito (Portuguese) 

Learn more about these and other fresh phishing simulation kits in the Release Notes.


Learn more about growing supply chain risk for businesses and how to mitigate it in a fresh eBook. DOWNLOAD IT>>



A profitable new eBook for MSPs: Unlocking Revenue with Managed Detection and Response 


In today’s fast-changing cyberthreat landscape, businesses face security challenges they often can’t handle alone. This creates a significant opportunity for MSPs to grow revenue while enhancing client security. Managed detection and response (MDR) solutions are a powerful tool for achieving this.
In this eBook, you’ll learn:

  • Why MDR is a smart revenue opportunity.
  • How MDR benefits MSPs and their clients.
  • Why RocketCyber is the ideal MDR partner

DOWNLOAD THE EBOOK>>

Did you miss… the Kaseya Cybersecurity Survey Report 2024DOWNLOAD IT>>


AI phishing represented by a robotic face behind several conversation bubbles

See why choosing a smarter SOC is a smart business decision. DOWNLOAD AN EBOOK>>



Cybersecurity Jeopardy returns!

December 5, 2024 | 2:00 PM ET / 11:00 AM PT

Our wildly popular Cybersecurity Jeopardy event is back for one last time in 2024. Test your knowledge in prevention, response and recovery with the interactive webinar everyone’s been waiting for! Join host Miles Walker, Channel Development Manager, as he guides expert contestants through rounds of cybersecurity challenges aimed at tackling modern threats. Audience members can also jump into the action, answer live questions and compete for exciting prizes! Don’t miss this fun opportunity to boost your cybersecurity skills and measure your expertise against the pros. REGISTER NOW>>


Read our case studies and see how MSPs and businesses have benefitted from using our solutions. READ NOW>


Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!