The Week in Breach – Schools are rocked by a flood of cyberattacks


Breach News This Week: Featured Threat


As Students Go Back To School Virtually, Cybercriminals Are Logging In Too


Many school districts in the US and other countries are pursuing distance education this fall as the COVID-19 pandemic continues to impact in-person gatherings. As school systems rely on technology like email and video conferencing to teach classes, cybercriminals are making the most of this opportunity to score paydays and information from a sector that isn’t ready for them – considering the dismal state of cybersecurity education in the US, it stands to reason that schools’ cybersecurity isn’t much better.

Traditionally, schools and universities haven’t been major targets for cybercrime. Public school systems, individual private or religious schools, community colleges, and universities weren’t considered worth the trouble, since few schools could offer a rich ransomware payoff or valuable research and development data to make it worth a cybercriminal’s time.

That’s all changed in the new era of distance learning. Cybercriminals are regularly targeting school systems of every size and stripe to deploy ransomware and collect payments quickly as they disrupt distance learning. Incidents are popping up everywhere including:

And the list goes on. An influx of cyberattacks on schools isn’t just bad news for school systems either. Businesses can be impacted by these incidents as well when parents and students share the same WiFi networks and devices.

Add Protection to Prevent Intrusion

The fastest, easiest way for any business to immediately add a strong layer of protection between crucial systems and data and bad actors is to add a strong, fast-deploying secure identity and access management solution like Passly.

The combined power of Multifactor Authentication and Single Sign-On with simple remote management means that IT staffers can more easily guard and control the gateways that give access to information – letting the right people have access to the right things, anytime, anywhere, and keeping cybercriminals out.

New This Week in Cybersecurity News – United States


by Kevin Lancaster

Breach News This Week: Schools are rocked by a flood of cyberattacks, there’s no place like home for ransomware, the New Zealand Stock Exchange saga, and details about our upcoming “Cybersecurity Trilogy: Predict, Protect, Plan” webinar series!


Dark Web ID’s Top Threats


  • Top Source Hits: ID Theft Forum
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 501+

Breach News This Week – United States


United States – Southeastern Pennsylvania Transit Authority

https://www.govtech.com/public-safety/Malware-Attack-Stifles-Philadelphia-Area-Transit-Agency.html?&web_view=true

Exploit: Ransomware

Southeastern Pennsylvania Transit Authority: Municipal Transportation Agency


Risk to Business: 1.802 = Severe

An attack on its servers brought many operations at the Southeastern Pennsylvania Transit Authority to a screeching halt. Starting Aug. 10, SEPTA was unable to provide real-time updates to riders. At the same time, SEPTA staffers were unable to access basic business applications like email and project files. The agency has already been having difficulty with operations and morale internally, and this has not helped the cause.

Individual Risk: No personal or financial information was reported as compromised in this incident, including SEPTA Key cards.

Customers Impacted: 308K+ riders and 9,200 employees

How it Could Affect Your Business: Ongoing technology troubles with no definite cause, poor communication on all fronts, and no end in sight don’t just inconvenience your customers; they also destroy your employees’ morale, leading to hiring and retention problems as well as malicious insider threats.


United States – Valley Health Systems

https://securityaffairs.co/wordpress/107580/cyber-crime/valley-health-systems-revil-ransomware.html?web_view=true

Exploit: Ransomware

Valley Health Systems: Healthcare Organization


Risk to Business: 2.177 = Severe

Netwalker ransomware appears to be the culprit in a data breach at the University of Utah. The school reportedly paid a ransomware gang $457,059 in order to avoid having student information released online. The hack occurred on July 19, and the cybercriminals gained access to the network of the university’s College of Social and Behavioral Science [CSBS].


Individual Risk: 2.224 = Severe

Even when a ransom is paid, there’s never proof that the gang really did destroy the stolen data, instead of copying it or selling it. Students should be aware of this data being used in spear phishing attempts.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is everywhere, and it’s most commonly delivered through a phishing email. This gang has been particularly active lately, especially against healthcare targets, as COVID-19 research and treatment data remains a hot commodity in Dark Web markets.


United States – Utah Pathology

https://kutv.com/news/local/breach-exposes-critical-patient-data-of-more-than-100k-at-utah-pathology-services?&web_view=true

Exploit: Unauthorized Access to Data

Utah Pathology: Healthcare Service Provider


Risk to Business: 1.775 = Severe

A breach was uncovered when an unknown party attempted to redirect funds from within Utah Pathology, revealing an intrusion that exposed sensitive data and PII including date of birth, gender, phone number, mailing address, email address, insurance information including ID and group numbers, clinical and diagnostic information related to pathology services and, for a smaller percentage of patients, their Social Security number.

Individual Risk: 1.774 = Severe

Letters have been mailed to those patients whose information was impacted and the practice has made the services of security company Cyberscout available to those with exposed data free for 12 months.

Customers Impacted: 112,000

How it Could Affect Your Business: Healthcare information is at a premium right now because it is a hot seller on the Dark Web. But a healthcare data breach doesn’t just expose information, it also exposes you to regulatory scrutiny and data privacy violation fines.


United States – Houston United Memorial Medical Center

https://www.databreaches.net/already-in-the-midst-of-a-crisis-a-houston-hospital-was-attacked-by-ransomware/

Exploit: Ransomware

Houston United Memorial Medical Center: Regional Hospital


Risk to Business: 1.612 = Severe

Although the gang had previously said that they were not attacking medical targets during the pandemic, on or about August 3, Maze ransomware was unleashed on Houston United Memorial Medical Center, and the gang added UMMC to their leak site. As proof of the claimed UMMC hack, Maze posted some general files from the center and one folder containing some identifiable (but unconfirmed) patient records. The hospital has made no announcement regarding the impact or severity of the hack.


Individual Risk: 2.782 = Moderate

So far, there’s limited evidence that a significant amount of patient data was exposed in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware isn’t going away anytime soon. In fact, updated varieties like double extortion ransomware are entering the scene to cause more damage to businesses that fail to guard against the most likely infection vector: phishing.


The Week in Breach Cybersecurity and New Breach News Risk Levels


1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach Cybersecurity and New Breach News are calculated using a formula that considers a wide range of factors related to the assessed breach.