Categories
The Week in Breach

The Week in Breach News: 03/11/21 – 09/11/21

Canada’s biggest cyberattack ever disrupts Newfoundland and Labrador healthcare, ransomware is the real villain at Diamond Comic Distributors, phishing wreaks havoc at a defence contractor.



Diamond Comic Distributors

Exploit: Ransomware

Diamond Comic Distributors: Periodical Distributor 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.417= Severe

It’s a bird, it’s a plane, it’s a ransomware attack at Diamond Comic Distributors. The Baltimore-based company, the exclusive distributor of Image Comics and a publishing outlet for dozens of small-press comics publishers, suffered a ransomware attack last Friday that took down the company’s website and customer service platforms all weekend into Monday. Diamond said in a statement that it did not anticipate that any customer financial data had been impacted by this event. Investigation and recovery is underway with some functions already restored.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Ransomware can cost companies a fortune from operational disruption alone even if no data is snatched, not to mention incident response costs.


Electronic Warfare Associates (EWA)

Exploit: Phishing 

Electronic Warfare Associates (EWA): Defense Contractor

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.822=Severe

A phishing attack that snared an employee is the suspected cause of a breach at defense contractor Electronic Warfare Associates (EWA). The company is a major provider of specialized software for the US defense establishment including the Pentagon, the Department of Defense (DoD), the Department of Justice (DoJ) and the Department of Homeland Security (DHS). EWA’s investigation determined that an attacker broke into an EWA email account in August 2021 after a phishing operation. The intrusion was uncovered when the attacker attempted a wire transfer. Employee PII was exposed and concern remains that sensitive defense information may also have been exposed.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.703=Severe

EWA has admitted that the attackers snatched files with certain personal information including name and Social Security Number and/or drivers’ license number for an undisclosed number of EWA employees, but no further information was given.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Phishing is an equal opportunity offender and no less likely to be successful against the presumably cybersecurity savvy employees of a tech company as any other business.



Newfoundland and Labrador Health

Exploit: Ransomware

Newfoundland and Labrador Health: Healthcare System

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.442=Extreme

What may be the largest cyberattack in Canadian history crippled the healthcare system of the province of Newfoundland and Labrador on October 30th. The suspected ransomware attack hit scheduling and payment systems, causing widespread interruptions in patient care including the cancellation of all non-urgent imaging and medical appointments well as a reduction in chemotherapy sessions and significant complications the province’s COVID-19 response. Eastern Health reported that their payment systems to suppliers and vendors were also targeted by the attack. Email and telephone capability has been restored in some locations and an investigation is ongoing.

Individual Impact: No information about the exposure of patient information was disclosed in this incident as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Healthcare has been beleaguered by cyberattacks, especially ransomware, since the start of the global pandemic.



Greece – Danaos Management Consultants

Exploit: Hacking

Danaos Management Consultants: Maritime IT

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.615= Severe

Maritime clients who use the communication systems of Danaos Management Consultants found themselves without some communications capability after a cyberattack blocked their communication with ships, suppliers, agents, charterers and suppliers. Several Greek shipping companies were impacted. The incident also resulted in the loss of an unspecified amount of files and correspondence for the impacted shipping firms.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Cyberattacks have rocked the maritime world in 2021, with major attacks against the world’s four biggest shippers complicating the world’s supply chain woes.


Germany – Media Markt

Exploit: Ransomware

Media Markt: Electronics Retailer 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.512= Severe

Electronics retailer MediaMarkt has suffered a ransomware attack that caused the company to shut down some IT systems, impacting store operations in Netherlands and Germany. While cash registers and payment card systems in brick-and-mortar locations were disrupted, online sales were not impacted. The attack was purportedly carried out by the Hive ransomware outfit who initially demanded $240 million in ransom.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Operational disruption from a ransomware attack is just as likely as data theft and sometimes even more damaging.



Australia – mySA Gov 

Exploit: Hacking

mySA Gov: Government Services Platform

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.595 = Extreme

South Australia’s Department for Infrastructure and Transport confirmed that mySA Gov accounts were compromised through a cyber attack. Officials went on to say that the hackers gained access to several mySA Gov accounts that were secured with recycled passwords. The department went on to say that there was no evidence of any unauthorized transactions on the impacted accounts while encouraging users to update their passwords.

cybersecurity news gauge indicating extreme risk

Individual Risk: 1.595 = Extreme

A report from ABC says that 2,601 mySA Gov accounts were accessed in the attack, with 2,008 of them containing registration and licensing information. It is unclear if any information was exfiltrated.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Cybercriminals are always hungry for PII, especially identification card or passport data that can help them commit identity theft.



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

Leave a Reply