The Week in Breach: Cybersecurity Awareness Month – MUCH NEEDED spotlight

Make sure to add us or contact us for the latest news

Real-Time Service Alerts




Cybersecurity Awareness Month is Upon Us and Not a Moment Too Soon

There is a sharp uptick in the cyberthreats we have been seeing this past week; most especially the ongoing DDOS attack against VOIP Providers

October is the month that has been deemed ‘Cyber Security Awareness Month’ and we are grateful for the bandwidth bump in the IT world. We were hopeful after cyber threats died down a bit after the REvil disband, but that relief was short-lived. On Saturday, September 25th – a large-scale DDOS (Denial of Service) attack against a Canadian VOIP (Voice Over Internet Protocol) provider spilled over to many more VOIP providers. As of the release time of our Week in Breach – this attack is still ongoing.

Ironically (or not) – this attack has not gotten any press outside of the IT world circle which we touched on here. We are interested to see if the month-long focus on the Cyber Security Awareness campaign Led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCSA) will pick up on this attack and shine a light on how massive disruptions like this can be mitigated going forward.

As we have each week, we will still be highlighting news you need to know about in regards to cybersecurity and cyber threats. As always – we preach vigilance and awareness in all things cyber-related.

Dark Web ID’s Top Threats This Week


 

New Cooperative & Crystal Valley Cooperative

https://www.scmagazine.com/analysis/ransomware/food-and-agriculture-industry-needs-more-threat-intel-as-ransomware-attacks-crop-up/

Exploit: Ransomware

New Cooperative & Crystal Valley Cooperative: Agricultural Services

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.337 = Extreme

 

Twin breaches in agriculture have the potential to cause significant disruptions in the US food supply chain. Iowa-based farm service provider New Cooperative was the first ag company hit with a ransomware attack early last week, causing the company to shut down its IT systems. As part of its announcement, the company stated that there would be “public disruption” to the grain, pork and chicken supply chain if its operations are not restored quickly. New ransomware group BlackMatter claimed responsibility, releasing proof on their dark web leak site, saying that they have 1,000GB of data. BlackMatter is demanding a $5.9 million ransom. Minnesota-based farm supply and grain marketing cooperative Crystal Valley was the next hit by a ransomware attack a few days later. The company announced that all of its corporate IT systems were shut down and they were unable to process credit card payments. It also noted that this is a very bad time for cyberattacks in the industry as it is harvest season. No group has yet claimed responsibility for this incident.

Individual Impact: No personal, financial or sensitive data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business: As we learned throughout the pandemic, cybercriminals are aware of when it’s the worst possible time for them to strike and they’ll use that as leverage in their attacks.

IntegraMSP to the Rescue: Two in five ransomware victims in 2020 were SMBs. No business is safe from this menace. Help your clients mount a strong defense with the insight gained in Ransomware Exposed. GET THIS EBOOK>>


Simon Eye & US Vision

https://www.govinfosecurity.com/hacking-incidents-lead-to-2-big-eye-care-provider-breaches-a-17587

Exploit: Hacking

Simon Eye & US Vision: Optometry Clinic Operators

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.606=Severe

A pair of breaches in the optometry world by Simon Eye and US Vision has exposed the personal and health information of tens of thousands of US patients. Delaware-based Simon Eye Management, a chain of clinics that provide eye exams, eyeglasses and surgical evaluations, reported a hacking incident to the US Department of Health and Human Services (HHS) affecting more than 144,000 individuals. This incident also included an aborted business email compromise attempt. In their HIPAA filing, the breach involved an unauthorized third party accessing certain employee email accounts in May 2021 as cybercriminals attempted to pull off wire transfer and invoice manipulation attacks against the company. New Jersey-based USV Optical Inc., a division of US Vision, has also reported a breach to HHS caused by hacking. The company says the incident involved unauthorized access to certain servers and systems between April 20 and May 17, 2021.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.667= Severe

A total of 320,000 US residents may be impacted by these breach incidents. Simon Eye’s disclosure detailed patient information that had potentially been compromised by the incident including patient names, medical histories, treatment or diagnosis information, health information, health insurance information and some Social Security numbers, date of birth and/or financial account information. US Vision disclosed that patient Information potentially compromised in the incident includes patient names, addresses, date of birth and eye care insurance information.

Customers Impacted: 320,000

How It Could Affect Your Business When companies fail to keep highly sensitive data like this safe, they take a direct hit to the wallet since it costs them a fortune in HIPAA fines once regulators get finished with them.

IntegraMSP to the Rescue: Building cyber resilience helps insulate organizations from trouble. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>


Marcus & Millichap

https://searchsecurity.techtarget.com/news/252507058/Marcus-Millichap-hit-with-possible-BlackMatter-ransomware

Exploit: Ransomware

Marcus & Millichap: Real Estate Firm

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.636 = Severe

Real estate giant Marcus & Millichap has suffered a ransomware attack. Suspected to be the work of the BlackMatter ransomware gang, the firm disclosed in an SEC filing that it had seen no evidence of a data breach, although Black Matter did post some authentic-looking sample files with its ransomware demand on its dark web leak site. The incident is under investigation. (The second breach in this pair is in the South America section.)

Individual Impact: No personal, financial or sensitive data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Business Booming dark web data markets mean that cybercriminals are hungry for all kinds of data, especially customer records and financial information.

IntegraMSP to the Rescue:  See how to transform employees into security assets to become the real secret weapon that successful organizations deploy to fight cybercrime! WATCH NOW>>


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.