Categories
The Week in Breach

The Week in Breach News: 16/03/22 – 22/03/22

More trouble for crypto and DeFi outfits thanks to a supply chain incident, Anonymous isn’t letting up on Russia and a cyberattack sours milk processing in the US.



H.P. Hood Dairy 

Exploit: Hacking

H.P. Hood Dairy: Milk Producer

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.411 = Extreme

Major New England dairy producer Hood announced that it had been hit with a cyberattack that has impacted milk production. The company stated that the unnamed attack caused milk processing and dairy production to halt at its 13 plants around the U.S. This has led to dairy shortages in some school systems and the waste of a large volume of milk. Production and processing operations have been restored and the incident is under investigation.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Business: Cybercriminals have been hitting major food producers hard, looking for a quick score from a time-sensitive business.


BlockFi

Exploit: Supply Chain Risk

BlockFi: Cryptocurrency Finance

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.799 = Moderate

Crypto financial institution BlockFi has announced that it had experienced a data breach incident via one of its third-party vendors, HubSpot. BlockFi says that the hackers gained access to BlockFi client data stored on HubSpot on Friday, March 18. BlockFi was quick to assure investors that its internal system and client funds were not accessed and that the breach remains limited to a very narrow pool of data stored with the third-party vendor, HubSpot.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.806 = Severe

The exposed information from this breach may have included user data such as names, email addresses and phone numbers.

NOTE: The attackers in this incident likely also accessed similar data on HubSpot belonging to Swan Bitcoin, NYDIG and Circle.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Business Cryptocurrency and DeFi have been catnip for cybercriminals and that’s not going to stop anytime soon.


United States – Creative Services Inc.

Exploit: Hacking 

Creative Services Inc.: Employment Investigations

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.721 = Severe

Hackers cracked into Massachusetts background check firm Creative Services and snatched highly sensitive personal records on more than 164,000 job-seekers and license applicants on November 26, 2021. The company’s internal investigation determined that an unauthorized party may have copied certain files on the company’s computer systems. This is a particularly tricky incident because of the confidential nature of the information that this firm handles.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.763 = Severe

Investigators found that the hackers obtained access to names, dates of birth, Social Security numbers and driver’s license numbers in the attack as well as access to other sensitive data that could be used for nefarious purposes.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Business: This kind of sensitive information isn’t what anyone wants falling into the wrong hands and should be stored with extra safety.


Wheeling Health Right, Inc.

Exploit: Ransomware

Wheeling Health Right Inc.: Healthcare Non-Profit

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.867 = Severe

Wheeling Health Right Inc (WHR), a United Way medical services non-profit, announced that on January 18, 2022, the organization was the victim of a “sophisticated cyberattack”, likely ransomware, that encrypted its systems as well as giving the threat actors access to protected patient health information. The organization is working with a technology services provider to decrypt the data as well as add other safeguards, and the investigation is ongoing.  

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.772 = Severe

Information that may have been accessed includes full name, postal address, email address, phone number, driver’s license number, medical record number, Social Security number. tax information, income information, and other health information about patients who applied for or received services from WHR.  

How it Could Affect Your Business This isn’t a problem that any medical facility can afford with high HIPAA penalties, especially a non-profit.



Ireland – The Rehab Group 

Exploit: Malware

The Rehab Group: Disability Services Provider 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.661 = Severe

One of the largest disability services providers in Ireland, The Rehab Group has fallen victim to a cyberattack. The company says that there is no evidence that data had been accessed. The investigation is still ongoing, with the Garda National Cyber Crime Bureau and the National Cyber Security Centre involved.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Business Any organization that holds a large quantity of personal or financial data will be an attractive target for cybercriminals.


Russia – Transneft

Exploit: Nation-State Hacking (Hacktivism)

Transneft: State-Owned Oil Pipeline Company

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.902 = Moderate

Anonymous is back at it, this time leaking documents stolen from the Omega Company, the research and development division of Russian oil pipeline company Transneft. The hacktivist collective, who have publicly sided with Ukraine in response to Russia’s invasion of the country, got ahold of 79GB of the company’s emails and published them on the leak site of the non-profit whistleblower organization Distributed Denial of Secrets. The stolen data includes invoices, equipment technical configurations, and product shipment information. One unusual detail: the hackers responsible dedicated the hack to Hillary Clinton after she mentioned that Ukraine-aligned hackers should attack Russian targets in a recent interview.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Business Political upheaval can place organizations within hacktivist sights, creating unforeseen security complications.



South Africa – TransUnion

Exploit: Ransomware

TransUnion: Credit Bureau

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.905 = Severe

TransUnion has reported that it experienced a data breach as a result of a ransomware attack. The company states that cybercriminals obtained access to their systems through credential compromise. TransUnion received a $15 million ransom demand from a group identifying themselves as N4ughtySec that they do not intend to pay. The group says they’re based in Brazil and that they have over 4TB of stolen data touching over 200 companies.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Business Organizations in the Financial sector from bans to credit organizations have been getting walloped by cybercrime, beating out healthcare to become the top cyberattack target.



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.