Ransomware becomes a TV star at Sinclair Broadcast Group, cybercriminals bring tricks and no treats to candymaker Ferrara Candy Company.
Sinclair Broadcast Group
Exploit: Ransomware
Sinclair Broadcast Group: Television Station Operator
Risk to Business: 1.227 = Extreme
Sinclair Broadcast Group, the operator of 184 tv stations in 86 US markets, experienced a cyberattack last week that knocked broadcasts offline. The disruption was extensive, knocking local news broadcasts and syndicated programs offline. In some markets, NFL Sunday broadcasts were also disrupted. An unspecified amount of data was also stolen from the company’s network.
Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Locking down networks and production lines to cause operational disruption is the name of the game for many ransomware groups in order to force a speedy ransom payment.
Ferrara Candy Company
Exploit: Ransomware
Ferrara Candy Company: Candy Manufacturer
Risk to Business: 1.822=Severe
Boo! Greedy cybercriminals unleashed their tricks on Ferrara Candy Company just one week away from Halloween. The company, maker of Brach’s Candy Corn, Nerds and Trolli gummies among other treats, has been in the confectionary business since 1901. Ferrara said that the attack briefly disrupted production operations. However, they were quick to assure anxious consumers that they didn’t need to worry about missing their Halloween favorites – Halloween orders were shipped to stores in August.
Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business Manufacturers have been increasingly falling into cybercriminals’ sights, especially at peak times in their respective industries.
United States – CoinMarketCap
Exploit: Hacking
CoinMarketCap: Cryptoasset Tracker
Risk to Business: 1.702=Severe
Crypto evaluator CoinMarketCap has had a data leak. First reported by Have I Been Pwned, cybercrime researchers have discovered 3.1 million user email addresses from the site available on the dark web. The company initially denied the hack but ultimately owned up to the security blunder.
Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time. So far it’s only an email address list, no other information.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business Attacks on the banking, crypto and fintech sectors have been growing, creating complications for every financial services organization.
United Kingdom – Tesco
Exploit: Hacking
Tesco: Supermarket Chain
Risk to Business: 2.115=Extreme
Ubiquitous UK supermarket chain Tesco left customers scrambling after a cyberattack disrupted its web services over the weekend. The company said that unnamed cyberattacks began impacting its systems on Friday night. Beginning Saturday and rolling into Sunday intermittently, shoppers were unable to place orders or track deliveries. The incident also impacted the Tesco app.
Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Cyberattacks can come from myriad sources but they all cause companies to lose revenue and suffer a negative impact on customer relationships.
Switzerland – MCH Group
Exploit: Ransomware
MCH Group: Event Management
Risk to Business: 2.763 = Moderate
Swiss events management company MCH Group was hit with a suspected ransomware attack late last week that resulted in operational disruption. the company said that it’s back online, upcoming events will not be impacted and it’s in the process of investigating the attack. MCH Group handles events including the Art Basel shows in Basel, Miami Beach, and Hong Kong, as well as the watch and jewelry show Baselworld.
Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Service providers have been popular targets for cyberattacks because they often maintain databases that will score a big payday for cybercriminals on the dark web.
Spain – Atento
Exploit: Hacking
Atento: Customer Service Center Operator
Risk to Business: 1.615 = Severe
Customer support giant Atento was hit by a cyberattack on its Brazil-based systems that primarily impacted its operations in South America. The company disclosed a business interruption in Brazil as it sought to contain and mitigate the attack. Operations have been fully restored. Brazil is one of Atento’s main global markets, and more than 45% of the company’s global workforce is in that location.
Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Brazil has been experiencing an uptick in cyberattacks in recent months including insurers, retailers and other businesses that store a large volume of data.
Thailand – Centara Hotels & Resorts
Exploit: Hacking
Centara Hotels & Resorts: Hotel Chain
Risk to Business: 1.631 = Severe
Motherboard manufacturer Gigabyte was clobbered with a ransomware attack last week The ransomware group Avos Locker clobbered the company in a SolarWinds-style supply chain attack. The gang posted samples of the purportedly stolen data on its leak site including confidential details regarding deals with third-party companies and identifiable information about employees. Researchers from ThreatPost were able to view an assortment of data in a 14.9 MB file entitled “proof.zip” containing confidential data on agreements with Gigabyte relationships including Amazon, BestBuy, Black Magic, Blizzard, Intel and Kingston.
Risk to Business: 1.6808 = Severe
Researchers also noted that some employee and applicant information is included in that file. Researchers spotted employee payroll details, passport scans CVs of applicants, human resources files, consulting agreements, credit card data from 2014 and images from company events.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Computer hardware manufacturers have been very attractive to hacers as teh chip shortage grinds on, putting pressure on the industry, something cybercriminals love to exploit.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.