The Week in Breach News: 12/13/23 – 12/19/23
This week: Brazen hackers contact cancer patients to demand payment, phishing leads to a massive loss for a crypto wallet company, learn more about RocketCyber’s reporting upgrades and a look at six ways that businesses are getting ready for 2024’s cybersecurity challenges.
Insomniac Games
https://www.scmagazine.com/brief/rhysida-ransomware-attack-compromises-insomniac-games
Exploit: Ransomware
Insomniac Games: Video Game Company
Risk to Business: 2.617 = Moderate
The Rhysida ransomware gang says that it is behind a ransomware attack on Sony-owned Insomniac Games. The studio, creators of games starring Spider-Man and Spyro the Dragon, confirmed that it was hit with ransomware that resulted in a data breach. Rhysida posted some of the stolen data as proof of the hack and is currently auctioning the full set for around $2 million in bitcoin. The assortment of data published includes details about Insomniac’s upcoming Wolverine game, scans of Insomniac employees’ passports and other proprietary data.
How It Could Affect Your Customers’ Business: Intellectual property is also something that bad actors are interested in stealing.
Kaseya to the Rescue: An endpoint detection and response solution can help businesses stop the spread of a cyberattack fast. This checklist helps you find the right one. DOWNLOAD IT>>
The Fred Hutch Cancer Center
https://therecord.media/seattle-fred-hutch-cancer-center-ransomware-attack
Exploit: Ransomware
The Fred Hutch Cancer Center: Medical Facility
Risk to Business: 1.691 = Severe
The Fred Hutch Cancer Center near Seattle, WA, was hit by a ransomware attack that forced the healthcare provider to take many systems offline around December 1. The group Hunters International has added Fred Hutch to its dark web leak site, claiming to have snatched 533 GB of data. Area news outlets have reported that the gang had begun emailing patients who had their data stolen. The emails informed the victim that they were one of 800,000 people whose personal information had been stolen in the breach, and that the gang would remove the person’s information from the data they plan to sell or publish for $50. The allegedly stolen information includes a patient’s medical history, lab results and Social Security numbers. The Fred Hutch Cancer Center said in a statement that they are working with law enforcement to investigate the incident.
How It Could Affect Your Customers’ Business: Ransomware gangs have been growing more brazen about contacting people who had data stolen to demand payment.
Kaseya to the Rescue: Learn how Datto EDR with Ransomware Rollback helps organizations including medical centers recover from ransomware faster. REGISTER NOW>>
ZeroedIn Technologies
https://www.jdsupra.com/legalnews/zeroedin-technologies-notifies-1-9-1390357/
Exploit: Hacking
ZeroedIn Technologies: Human Resources Analytics Platform
Risk to Business: 1.703 = Severe
ZeroedIn Technologies, a Maryland-based provider of human resources technology, has admitted that it has experienced a data breach. The company provides a human resources analytics tool to major U.S. retailers including Dollar Tree and Family Dollar. The company said that an unauthorized party gained access to its computer network in August 2023, resulting in data exposure for current and former employees of those chains. An employee’s exposed data may include their name, date of birth and Social Security number.
How It Could Affect Your Customers’ Business: Business services providers can be a gold mine for bad actors looking for personal and financial data.
Kaseya to the Rescue: See how security awareness training helps keep cybersecurity threats from becoming cybersecurity disasters. DOWNLOAD INFOGRAPHIC>>
Delta Dental of California
Exploit: Hacking
Delta Dental of California: Insurer
Risk to Business: 1.840 = Severe
Delta Dental of California has announced that it has experienced a data breach stemming from the MOVEit file transfer exploit that impacts an estimated 12 million people. The insurer claims that it learned about the compromise on June 1, 2023. An investigation determined that bad actors had accessed and stolen data from its systems between May 27 and May 30, 2023. Insureds had their names, financial account numbers, and credit/debit card numbers, including security codes, exposed in the breach. Delta Dental of California provides 24 months of free credit monitoring and identity theft protection services to impacted patients.
How It Could Affect Your Customers’ Business: Healthcare companies benefit from investing in powerful defensive solutions instead of chancing regulatory fines.
Kaseya to the Rescue: Read our case studies to see how MSPs and businesses have overcome their cybersecurity challenges with the solutions in Kaseya’s Security Suite. EXPLORE CASE STUDIES>>
The London Public Library
Exploit: Hacking
London Public Library: Library System
Risk to Business: 2.673 = Moderate
The London Public Library in Ontario is investigating a cyberattack that disrupted key operations systems. The attack resulted in the closure of three branch libraries and knocked out the library’s public computers as well as its digital borrowing service. The library website and electronic catalog were also disabled. Most library branches remained open, with books available to read or borrow in person. Library officials are asking the public to refrain from returning any borrowed materials while they attempt to recover from the attack.
How it Could Affect Your Customers’ Business: This is the second disruptive cyberattack that has shut down a major library system in the past month.
Kaseya to the Rescue: This infographic shows you the benefits businesses gain by choosing a managed security operations center instead of building their own. DOWNLOAD IT>>
Ukraine – Kyivstar
Exploit: Hacking (Nation-State)
Kyivstar: Mobile Phone Company
Risk to Business: 1.136 = Extreme
In what is being described as the largest cyberattack so far in the ongoing conflict between Russia and Ukraine, top Ukrainian mobile phone company Kyivstar was hit by a cyberattack that took down its network, disrupting service to more than half of Ukrainians. The Russian hacking group Killnet has claimed responsibility for the attack. The outage put millions of people in danger of not receiving alerts of potential Russian air assaults as well as knocking out air raid alert systems in parts of Kyiv. No data was reported as stolen in the attack, which did not impact Ukraine’s military.
How it Could Affect Your Customers’ Business: The cyber component of the Russia-Ukraine war has been fast and furious with a great deal of strategic action.
Kaseya to the Rescue: Learn about the challenges that organizations have faced in 2023 and see what they’re doing to be ready for 2024 in the Kaseya Security Survey Report 2023. DOWNLOAD IT>>
Estonia – Asper Biogene
Exploit: Hacking
Asper Biogene: Genetic Testing Company
Risk to Business: 1.601 = Severe
An estimated 10,000 people have had sensitive personal and healthcare data stolen in a cyberattack on Asper Biogene. Hackers made off with 33 GB of data including details related to paternity and fertility tests as well as testing for hereditary diseases. Stolen patient records contain individuals’ names, personal identification numbers as well as testing orders, test results and condition details. The company says that it has alerted law enforcement, the State Information System Agency (Riigi Infosüsteemi Amet) and the Data Protection Inspectorate of the incident.
How it Could Affect Your Customers’ Business: A cyberattack can hit any target, big or small, at any time for a variety of reasons so it is best to be prepared for it.
Kaseya to the Rescue: Every organization needs to be ready for trouble with an incident response plan in place. This checklist can help. DOWNLOAD CHECKLIST>>
France – Ledger
https://thecyberexpress.com/ledger-cyberattack-leads-to-money-theft/
Exploit: Phishing
Ledger: Cryptocurrency Wallet Provider
Risk to Business: 1.433 = Extreme
Paris-based DeFi company Ledger has disclosed that a phishing attack led to a security breach that resulted in the loss of $484,000 in crypto for users. Bad actors were able to gain an employee’s credentials through phishing, enabling them to access Ledger’s network to publish a phony version of Ledger’s Connect Kit containing malicious code. The kit was supposedly available for about five hours. Ledger’s development and security teams were able to implement a solution within 40 minutes of learning about the intrusion, but the damage was already done.
How it Could Affect Your Customers’ Business: Any organization, no matter how tech savvy, can be brought low by a simple phishing attack.
Kaseya to the Rescue: Learn more about phishing and how to mitigate the danger it brings to a company’s doorstep in our eBook Phishing 101. DOWNLOAD IT>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident.
RocketCyber advanced reporting update
RocketCyber’s reporting capabilities have gone through an overhaul. We’ve made numerous improvements to enhance your ability to clearly communicate important information about threats and performance to all stakeholders. The updates include:
- Redesigned graphics and layout
- Updated scheduled reporting capabilities
- New inventory reports
- A new PDF format
Learn more about the reporting capabilities of RocketCyber Managed SOC. LEARN MORE>>
The Top Cyberthreats Schools Face and How to Stop Them Infographic
Did you know that education is the top sector for ransomware attacks? K-12 schools face a continuous bombardment of cyber threats. But which ones should they be the most worried about? This infographic breaks down the five biggest threats that K-12 schools face in clear, easy-to-understand terms, making it perfect for social sharing.
MSPs: Leverage this infographic to start profitable conversations with education clients and prospects!
6 Ways that Businesses Are Preparing for Cyber Challenges in 2024
2023 has been a whirlwind of a year in cybersecurity, presenting IT professionals with an unprecedented number of new challenges. In the ever-evolving landscape of technology, the year 2024 promises a myriad of new advancements in technology, particularly in the realm of cybersecurity. In this era of constant connectivity and data-driven operations, safeguarding sensitive information and protecting a company’s networks from trouble has never been more critical or more challenging. Businesses will continue to harness the power of digital transformation to refine and improve their security in 2024. But at the same time, cybercriminals are innovating too, and the threat landscape is becoming more sophisticated and complex. Here are six ways that businesses are preparing to fortify their defenses and navigate the complex cybersecurity terrain that lies ahead.
1. Cybersecurity professionals are focused on professional development
The cybersecurity skills shortage has been a never-ending challenge for businesses and IT leaders. Belt-tightening measures at many companies have not helped the cause. These negative conditions have left many teams trying to do more with less. One way to do that is to encourage continuing education for IT personnel, especially around cybersecurity. Cybersecurity is a complex and ever-evolving field. IT professionals need constant cybersecurity education to keep up with today’s demands as well as be ready for what’s next. Among our survey respondents, the top certifications held or being pursued in the next year are Certified Information Systems Security Professional (37%) and Certified Information Security Manager® (34%).
Which of the following cybersecurity certifications do you have or are pursuing in the next 12 months?
Responses | % of responses |
Certified Information Systems Security Professional (CISSP) | 37% |
Certified Information Security Manager (CISM)® | 34% |
CompTIA Security+ | 26% |
GIAC Information Security Fundamentals (GISF) | 23% |
Certified Information Systems Auditor (CISA)® | 22% |
GIAC Security Essentials Certification (GSEC) | 22% |
Microsoft Certified: Security, Compliance and Identity Fundamentals | 20% |
Google Cybersecurity | 20% |
None | 10% |
Source: Kaseya Cybersecurity Survey Report 2023
2. More than half of the businesses plan to invest in cyber insurance in the next 12 months
Cyber insurance has become a must-have for businesses. The cyber insurance market is projected to grow globally to $33 billion in premiums by 2027, up from an estimated $12 billion in premiums in 2023. The majority of our respondents (79%) said that their organization has cyber insurance. Our respondents also indicated that if their company doesn’t have cyber insurance, they’re planning to invest in it soon. Nearly two-thirds of respondents (62%) said that their organization is at least somewhat likely to purchase cyber insurance in the next 12 months.
How likely is your organization to invest in cyber insurance in the next 12 months?
Response | % of responses |
We already have cyber insurance | 27% |
Extremely Likely | 17% |
Very likely | 25% |
Somewhat likely | 20% |
Not likely | 7% |
I don’t know | 5% |
Source: Kaseya Cybersecurity Survey Report 2023
3. Companies are investing in security support for both onsite and remote workers long term
Businesses have undergone unprecedented transformation in the past few years. That’s especially evident when considering remote work. From workers connecting from home offices to road warriors connecting on the move, companies need to be ready to support a dynamic workforce. By 2025, 32.6 million U.S. workers or about 22% of the U.S. workforce will work remotely. Almost all of our respondents (95%) said that their IT team supports a remote workforce in some capacity. More than one-third (38%) of respondents said that 11% to 25% of their company’s workforce is remote. Another quarter (25%) indicated that 26% to 50% of their employer’s staff work remotely. This illustrates how essential it is for companies to consider on-site and remote threats when devising their security plan.
Approximately what percentage of your workforce works remotely?
Percentage of remote workers the IT team supports | Response |
100% — all employees work remotely | 1% |
76% to 99% | 4% |
51% to 99% | 13% |
26% to 50% | 25% |
11% to 25% | 38% |
1% to 10% | 19% |
0% — all employees work at a company site | 5% |
Source: Kaseya Cybersecurity Survey Report 2023
4. Businesses are preparing for attacks via email
When considering the vector through which their organization might suffer a successful cyberattack, one-quarter of our respondents chose email, highlighting the importance of having powerful, layered email security solutions in place to minimize risk. Nearly another one-quarter of survey respondents said that they consider endpoints to be their most vulnerable vector (23%). It is interesting to note that 22% of respondents chose a people-related vector, human error or insider threat, as the most likely conduit for a successful cyberattack against their employer. This result reinforces the importance of security awareness training for every employee. Education and training dramatically reduce a company’s risk of falling prey to a cybersecurity incident.
Which of the following threat vectors are you most concerned about being the gateway to a successful attack in the next 12 months?
Attack Vector | Response |
Email | 25% |
Human error (social engineering, distraction) | 16% |
Endpoint (server) | 12% |
Endpoint (laptop) | 11% |
Cloud | 10% |
Network | 8% |
Insider threats | 6% |
Supply chain | 5% |
Unpatched systems (Zero-day attacks) | 5% |
None | 2% |
Source: Kaseya Cybersecurity Survey Report 2023
5. IT professionals aren’t overlooking the possibility that their organization will fall victim to phishing in the next year
Nine in 10 of today’s most dangerous and devastating cyberattacks, like ransomware and BEC, typically start with phishing. Unfortunately, most of our survey respondents said they believe their organization is likely to fall victim to a phishing attack in the next year (80%). Now is the time to take measures, such as improving email security and educating users through phishing simulations, to prevent that attack from landing.
What do you believe is the likelihood that your organization will experience a successful phishing attack in the next 12 months?
Likelihood of falling victim to a phishing attack | Response |
Somewhat likely | 50% |
Very likely | 24% |
Not very likely | 17% |
Extremely likely | 6% |
Not at all likely | 3% |
Source: Kaseya Cybersecurity Survey Report 2023
6. Most businesses have learned from experience to expect supply chain cyberattacks
Supply chain cyberattacks have been the story of the year in 2023. The prime example this year was the MOVEit file transfer exploit that impacted more than 2000 businesses worldwide. In our survey, the majority of our respondents (61%) said their organization experienced a cyberattack through their supply chain or a third-party service provider. Supply chain cyberattacks are expected to be a continued problem for businesses in 2024 and moving forward. While advancements in technology are very beneficial to the world, technology dependence offers bad actors prime opportunities for exploitation through zero-day vulnerabilities. As the world grows more digitally interconnected, digital risks like zero-day exploits will pop up more frequently.
Have you experienced a supply chain attack through your supplier or service provider?
Response | % of responses |
Yes | 61% |
No | 33% |
I don’t know | 6% |
Source: Kaseya Cybersecurity Survey Report 2023
Find the solutions you need to prepare for 2024’s challenges in Kaseya’s Security Suite
Kaseya’s Security Suite has the tools that IT professionals need to mitigate cyber risk effectively and affordably, featuring automated and AI-driven features that make IT professionals’ lives easier.
BullPhish ID — This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.
Dark Web ID — Our award-winning dark web monitoring solution is the channel leader for a good reason: it provides the greatest amount of protection around with 24/7/365 human and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.
Graphus — Automated email security is a cutting-edge solution that puts three layers of AI-powered protection between employees and phishing messages. It works equally well as a standalone email security solution or supercharges your Microsoft 365 and Google Workspace email security.
Kaseya Managed SOC powered by RocketCyber — Our managed cybersecurity detection and response solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.
Datto EDR — Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require).
Vonahi Penetration Testing – How sturdy are your cyber defenses? Do you have dangerous vulnerabilities? Find out with vPenTest, a SaaS platform that makes getting the best network penetration test easy and affordable for internal IT teams.
Watch this space for exciting webinars and events in 2024 coming soon!
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!