The Week in Breach – It’s Cybersecurity Awareness Month – Phishing Tip Sheet

Make sure to add us or contact us for the latest news

The Week in Breach: Featured – National Cybersecurity Awareness Month – Phishing Tips

It is National Cybersecurity Awareness Month – as such, the Cybersecurity & Infrastructure Security Agency (CISA) has put together a handy list of tip sheets to combat cyberthreats on all fronts.

HOW CRIMINALS LURE YOU IN
The following messages from the Federal Trade Commission’s OnGuardOnline are examples of what attackers may email or text when phishing for sensitive information:

  • “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below, and confirm your identity.”
  • “During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
  • “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”
  • To see examples of actual phishing emails, and steps to take if you believe you received a phishing email, please visit “

To find out tips on how to mitigate your phishing risk, click here to download the CISA Phishing Tip sheet.

The Week in Breach – United States


United States –  Arthur J. Gallagher & Co.

https://securityaffairs.co/wordpress/108925/malware/ajg-ransomware-attack.html

Exploit: Ransomware

Arthur J. Gallagher & Co.: Insurance Brokerage

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.119 = Severe

Ransomware struck at insurance giant Arthur J. Gallagher last week, according to the company’s Untied States Securities and Exchange Commission filing. The report went on to note that a limited portion of its internal systems were impacted and its operations were able to continue. Security researchers suspect that bad actors were able to exploit a known security flaw in the company’s servers to gain entry.

Individual Risk: So far, no personal data from clients or employees was noted as exposed in the breach, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Nowadays, ransomware operators aren’t just seeking ways to steal data – they also want to disrupt operations to cause damage.

IntegraMSP to the Rescue: Protect your company from phishing-based email threats like ransomware. LEARN MORE>>


United States – Cache Creek Casino

https://www.dailydemocrat.com/2020/09/30/cyberattack-shuts-down-cache-creek-casino/

Exploit: Ransomware

Cache Creek Casino: Resort

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.492 = Extreme

Ransomware cleaned up at Cache Creek Casino in California, shutting down operations at the popular gambling destination just as it began recovering from a COVID-19 closure earlier this year. No reopening date has been set as the investigation and recovery continues. Other businesses including a golf club and shopping at the complex remain open. Cache Creek Casino is part of Cache Creek Casino Resort, one of Northern California’s largest casino-resort destinations, is owned and operated by the Yocha Dehe Wintun Nation.

 

Individual Risk: No individual information was reported as compromised in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business More than 60% of businesses that experience a damaging cyberattack close – and it’s even more dangerous now as businesses try to recover from COVID-19 closures.

IntegraMSP to the Rescue: BullPhish ID is the easy, cost-effective solution that helps companies train staffers to be aware of phishing (and ransomware) risks including “set it and forget it” campaign management and plug-and-play training kits. LEARN MORE>>


United States – District of Columbia Bar Association

https://techcrunch.com/2020/09/30/district-columbia-bar-exposed-personal-data/

Exploit: Unsecured Database

District of Columbia Bar Association: Regulatory Body

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.077 = Severe

An unsecured Elasticsearch server appears to be at fault for a data breach involving the personal data of new lawyers applying to test before the bar at the District of Columbia Bar Association. A whistleblower complaint was first submitted to the association in August, but resolution was slow, and applicant data may have leaked for some time before it was fixed. The DC Bar claims that only one record was exposed, but researchers and applicants who discovered the breach dispute that claim.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.206 = Severe

Documents uploaded by applicants that may have been exposed include documents containing personal information like names, phone numbers, email addresses, Social Security numbers, the applicant’s full employment history, previous home addresses, and any disciplinary records provided.

Customers Impacted: Unknown

How it Could Affect Your Business: Serious personal information deserves serious security. Any company that collects sensitive information about clients or applicants needs to do due diligence to determine that the information is properly secured.

IntegraMSP to the Rescue: Don’t let your business just walk into a preventable cybersecurity incident like the failure to secure a database. Make sure that staffers are adhering to basic security best practices with security awareness training from ID Agent. LEARN MORE>>


United States – Clark County School District

https://www.wsj.com/articles/hacker-releases-information-on-las-vegas-area-students-after-officials-dont-pay-ransom-11601297930

Exploit: Ransomware

Clark County School District: Education System

cybersecurity news represented by a gauge showing severe risk & Breach News This Week

 

Risk to Business: 1.871 = Severe

Cybercriminals have followed through on their threats to release the information that they’d snatched about students after officials refused to pay the ransom demanded to release it. Students in the Clark County School District, Las Vegas, Nevada discovered over the weekend that their school records had been dumped on the Dark Web,

cybersecurity news represented by a gauge showing severe risk & Breach News This Week

 

Risk to Individual: 1.660 = Severe

The leak included detailed personal and student record information including students’ names, social security numbers, addresses, and some financial information as well as grades, testing, awards, and disciplinary reports. Impacted students should be wary of spear phishing or identity theft attempts.

 

Customers Impacted: 320,000

How it Could Affect Your Business: Failing to institute regular security awareness training including phishing resistance leaves organizations ripe for ransomware – and cybercriminals are more than willing to double down on ransom demands.

IntegraMSP to the Rescue: BullPhish ID enables organizations of any size to implement phishing resistance training quickly and easily, bringing staffers up to date on the latest threats without breaking the bank. LEARN MORE>>


United States – eResearch Technology

https://www.bleepingcomputer.com/news/security/uhs-hospitals-hit-by-reported-country-wide-ryuk-ransomware-attack/

Exploit: Ransomware

eResearch Technology: Medical Research Technology Provider

cybersecurity news gauge indicating extreme risk

 

Risk to Business: 1.330 = Extreme

In a disturbing turn of events, eResearch Technology was severely impacted by a ransomware attack that slowed down progress on COVID-19 vaccine and treatment research. The provider of technology that enables clinical trials and data sharing at organizations including AstraZeneca, Oxford University, and Bristol Myers Squibb, reported that its employees could not access many systems. That in turn affected clinical trials in progress as researchers were forced to track patient data manually using pen and paper. Systems were down for several days for repair.

Individual Risk: No personal data has been reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is a devastating weapon that bad actors are using to shut down essential services and attacks in the medical sector have been escalating – just last week healthcare giant Universal Health Services was walloped by ransomware and is still recovering.

IntegraMSP to the Rescue: Ransomware is almost always the nasty payload of a phishing email. Automate your company’s defense against phishing to stop ransomware in its tracks. SEE HOW IT WORKS>>


United States – Oaklawn Hospital

https://www.beckershospitalreview.com/cybersecurity/michigan-hospital-email-phishing-attack-exposes-26-861-patients-info-4-notes.html

Exploit: Phishing

Oaklawn Hospital: Medical Care Provider

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Risk to Business: 2.126 = Severe

Multiple successful phishing forays at Michigan’s Oaklawn Hospital netted a wealth of information for cybercriminals. After gaining access to several employee email accounts, cybercriminals were able to exfiltrate patient data. The attack is believed to have occurred in April 2020 but was just disclosed in a filing.

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Individual Risk: 1.811 = Severe

Patient information exposed as a result of the incident included names, passwords, dates of birth, addresses, phone numbers, medical and health insurance numbers, Social Security numbers, financial account information, and driver’s license numbers. Impacted patients should be alert to potential phishing and fraud attempts.

Customers Impacted: 26,861

How it Could Affect Your Business: Not only does a data breach leave a huge mess of expensive cleanup behind, in many industries like healthcare, a data breach can also mean your organization will be paying big regulatory penalties and fines too.

IntegraMSP to the Rescue: Information like the patient data obtained in this breach is a hot seller on the Dark Web. Prevent leaked credentials from giving cybercriminals a route into your systems and data with 24/7/365 credential monitoring using Dark Web ID. SEE DARK WEB ID IN ACTION>>


United States – Piedmont Cancer Institute

https://www.beckershospitalreview.com/cybersecurity/piedmont-cancer-institute-email-phishing-incident-exposes-5-226-patients-info.html

Exploit: Phishing

Piedmont Cancer Institute: Specialty Medical Clinic

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Risk to Business: 2.234 = Severe

Atlanta-based Piedmont Cancer Institute experienced a data breach exposing patient records and other sensitive information after an employee fell for a phishing attack. the incident occurred in a window stretching from mid April to early May and was just disclosed.

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Individual Risk: 2.206 = Severe

Patient information exposed due to the email hack includes names, dates of birth, financial account information, and credit/debit card information. Patients who have been affected have been informed and should be alert for identity theft since payment card information was part of this breach.

Customers Impacted: 5,226

How it Could Affect Your Business: Securing access to sensitive data is essential. Piedmont Cancer Institute is adding multifactor authentication to combat future incursions, a must-have for every business.

IntegraMSP to the Rescue: Passly packs essential secure identity and access management tools like multifactor authentication, single sign-on, secure shared password vaults, and more in one cost-effective package. SEE DARK WEB ID IN ACTION>>

The Week in Breach Risk Levels


1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.