Please fill in the form below to subscribe to our blog

The Week in Breach News: 12/11/24 – 12/17/24

December 18, 2024

This week: Bad actors carry out multiple critical infrastructure attacks; bad actors interrupt donut sales at Krispy Kreme; a new Cooper Insight for BullPhish ID and a deep dive into how IT professionals can secure industrial control systems (ICS).





Center for Vein Restoration

https://www.jdsupra.com/legalnews/center-for-vein-restoration-notifies-4231468

Exploit: Hacking

Industry: Healthcare

On December 5, 2024, the Center for Vein Restoration (CVR) in Maryland reported a data breach to the U.S. Department of Health and Human Services. CVR told regulators that an unauthorized party accessed sensitive patient and employee information on October 6, 2024. Potentially exposed information includes names, addresses, Social Security numbers, medical records, financial data and employment details. CVR stated that it notified 446,094 affected individuals after completing its investigation.

How It Could Affect Your Customers’ Business: Medical practices, hospitals and clinics must be extremely aware of potential cyber risk created by service providers and suppliers.

Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from often email-based cyberattacks like ransomware in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>


Wood County, Ohio

https://statescoop.com/wood-county-ohio-ransomware-emergency-services/

Exploit: Ransomware

Industry: Government

A ransomware attack on Wood County, Ohio, has forced emergency dispatchers to revert to using pen and paper while fielding calls and coordinating with first responders. Despite the disruption, officials reassured the public that fire and emergency services, including 911, remain operational. The attack affected multiple public safety departments linked to the Wood County Sheriff’s Office, including dispatch, jails and the Bowling Green Police Division. The Bowling Green Police Department is also unable to access some historical police records. The county’s IT department is collaborating with the FBI and third-party cybersecurity experts to address the incident.

How It Could Affect Your Customers’ Business: A successful cyberattack on a government or government agency that disrupts the dispatch of first responders is a major threat to public safety.

Kaseya to the Rescue:  Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>


ENGlobal Corporation

https://therecord.media/energy-industry-contractor-ransomware-disruption

Exploit: Ransomware

Industry: Energy & Utility

ENGlobal Corporation, a major contractor for the energy industry, confirmed it is dealing with a ransomware attack that has disrupted operations. The company reported the incident to the U.S. Securities and Exchange Commission on Monday, revealing that the attack was discovered on November 25. A preliminary investigation found that a threat actor illegally accessed and encrypted some of the company’s data files. In response, ENGlobal has restricted employee access to its IT system, limiting it to essential business operations. The company has launched an internal investigation and enlisted external cybersecurity experts, though the timeline for restoring full system access remains unclear. ENGlobal has not yet determined if the attack will materially impact its financial performance, and no ransomware group has claimed responsibility for the breach.

How It Could Affect Your Customers’ Business: This incident highlights ongoing cybersecurity challenges that companies in the energy sector continue to face.

Kaseya to the Rescue: See how an antiphishing solution that leverages AI and automation can help businesses stop phishing economically. DOWNLOAD EBOOK>>


Krispy Kreme

https://therecord.media/online-ordering-cyberattack-krispy-kreme

Exploit: Hacking

Industry: Retail & eCommerce

Krispy Kreme reported a cyberattack that began two weeks ago, affecting online ordering in parts of the U.S. The company discovered unauthorized activity on its IT system on November 29 and began an investigation. While all stores remain open, the attack is causing operational disruptions, particularly in digital sales. Krispy Kreme warned that the incident could significantly impact business operations due to lost revenue and recovery costs, including fees for cybersecurity experts, noting that its cyber insurance will cover some costs. The company is working with external experts and has notified federal law enforcement. No hacking group has claimed responsibility for the attack.

How It Could Affect Your Customers’ Business: Knocking out a company’s eCommerce capability as well as its in-store technology can be devastating to its sales.

Kaseya to the Rescue:  Our infographic walks you through exactly how security awareness training prevents phishing from hooking unsuspecting employees. DOWNLOAD IT>>


Learn more about growing supply chain risk for businesses and how to mitigate it in a fresh eBook. DOWNLOAD IT>>



Costa Rica – Refinadora Costarricense de Petróleo

https://therecord.media/costa-rica-state-energy-company-ransomware

Exploit: Ransomware

Industry: Energy & Utility

Costa Rica’s state-owned energy provider, Refinadora Costarricense de Petróleo (RECOPE), was hit by a ransomware attack last week, forcing the company to switch to manual operations and seek international assistance. The attack, discovered on Wednesday morning, disrupted RECOPE’s digital payment systems, prompting the company to conduct fuel sales manually. RECOPE, which imports, refines, and distributes fossil fuels across Costa Rica while operating pipelines from the Caribbean to the Pacific, extended operations at tanker terminals late into the night on Wednesday and into Thursday. The company assured the public that there were no fuel shortages while working with the Ministry of Science, Innovation, Technology, and Telecommunications (MICITT) to resolve the issue. 

How it Could Affect Your Customers’ Business: Energy companies are an essential element of critical infrastructure, and it is critical to protect them from cyberthreats that could take them down.

Kaseya to the Rescue: Watch this webinar to explore K365 User, our latest innovation to empower small and midsize businesses to maximize security while boosting productivity. LEARN MORE>>


GRA CARTOON LITTLE FISHES AT ON HOOK BLACK BLUE

Learn how to minimize phishing risk with AI & automation in The Anti-phishing Email Security Buyer’s Guide GET IT>>



Croatia – The Port of Rijeka 

https://www.worldcargonews.com/news/2024/12/cyberattack-targets-port-of-rijeka-data-stolen/?gdpr=deny&gdpr=accept

Exploit: Ransomware

Industry: Logistics & Transport

The Port of Rijeka in Croatia was targeted by a cyberattack over the weekend, with the 8Base ransomware group claiming responsibility. Stolen data includes sensitive accounting records, employment contracts, personal information, and NDAs. The group has set a ransom deadline of December 10. While some data was compromised, the port’s systems were quickly restored using a backup, and the ransom has not been paid. Authorities reassured the public that operations continue, despite the breach.

How it Could Affect Your Customers’ Business: Port authorities are essential elements of critical infrastructure and must be protected.

Kaseya to the Rescue:  Learn about five ways that businesses may be in danger of trouble from the dark web in an infographic that’s also perfect for sharing on social media! DOWNLOAD IT>>


Explore how AI technology helps businesses mount a strong defense against phishing GET INFOGRAPHIC>>



Japan – Kurita Water Industries

https://therecord.media/us-subsidiaries-japanese-water-treatment

Exploit: Ransomware

Industry: Energy & Utility

Kurita Water Industries, a Japanese water treatment company, confirmed that ransomware actors stole data and encrypted servers at its U.S. subsidiary, Kurita America, on November 29. The breach affected multiple servers, which were disconnected from the network. The company acknowledged that customer, business partner, and employee data may have been exposed to third parties. Despite the incident, Kurita reported that business operations have not been disrupted, as main servers have been restored. The company is continuing its investigation into the breach. Kurita, founded in 1949, creates chemicals for water and wastewater treatment. 

How it Could Affect Your Customers’ Business: This attack has the potential to hit critical infrastructure in multiple ways and could be the catalyst for a major water-related problem that threatens public health.

Kaseya to the Rescue: Run more effective security awareness and phishing resistance campaigns with this infographic featuring 10 expert tips to maximize your training programs. DOWNLOAD IT>>


IDA-GRP-Blog-Image-May

Take a deep dive into why an AI-powered anti-phishing solution is a smart financial choice. GET EBOOK>>



Read this week’s feature story: IT Pros Can Help Mitigate the Growing Threat of Cyberattacks on Industrial Controls


Industrial control systems (ICS) are the beating heart of critical infrastructure like power grids and manufacturing plants – and unfortunately, cyberthreats to these crucial technologies have been steadily increasing. Learn more about the critical role IT professionals play in protecting these systems and get tips to help strengthen a company’s defenses. READ MORE>>


Learn how to identify and mitigate malicious and accidental insider threats before there’s trouble! GET EBOOK>>


New Cooper Insight: Automate training course email reminders


A new Cooper Insight in KaseyaOne is designed to send email reminders automatically to users who have not yet completed their scheduled training courses. This feature helps IT professionals ensure that training completion rates are maximized without them having to send email reminders manually.

Learn more about this new feature and other recent innovations for BullPhish ID in the Release Notes. READ NOW>> 


Learn more about growing supply chain risk for businesses and how to mitigate it in a fresh eBook. DOWNLOAD IT>>



Our new Guide to Phishing Protection for Businesses is here!


Take a deep dive into how to protect businesses from today’s biggest menace: phishing. Most of today’s most dangerous and damaging cyberattacks, like ransomware, business email compromise (BEC) and brand impersonation have one thing in common: they’re all typically kicked off by a phishing email. In our eBook Guide to Phishing Protection for Businesses, you’ll gain valuable knowledge to assist you in your fight.

You’ll learn about:

  • The hallmarks of today’s sophisticated phishing attacks
  • How bad actors are using tools like artificial intelligence to create dangerously compelling phishing messages (and how you can use it to defend against them)
  • Strategies and tools to mitigate phishing risk

Download your guide now! DOWNLOAD IT>>

Did you miss… The 12 Days of Tips to Help Businesses Reduce Holiday Cyber-Risk infographic? DOWNLOAD IT>>


dark web threats represented by a hacker in a hoodie shrouded in shadows with faint binary code

Find out about five of today’s biggest dark web threats to businesses in this infographic. DOWNLOAD IT>>



Stay tuned to be among the first to know about the fun and informative events we have planned for 2025!


Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!


Read our case studies and see how MSPs and businesses have benefitted from using our solutions. READ NOW>