May the 4th be with you as you fight the good fight against cybercrime! This week, we’ll look at two attacks by the new ransomware group Black Basta and more trouble for power companies..
American Dental Association
Exploit: Ransomware
American Dental Association: Professional Organization
Risk to Business: 1.802 = Severe
The American Dental Association (ADA) was hit by a ransomware attack, allegedly conducted by new ransomware group Black Basta. The attack disrupted various online services, telephones, email, and webchat. Outage at the ADA website has caused some online services to be inaccessible, including the ADA Store, the ADA Catalog, MyADA, Meeting Registration, Dues pages, ADA CE Online, the ADA Credentialing Service and the ADA Practice Transitions.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business: The healthcare sector has been under siege from cybercriminals and the pressure isn’t letting up anytime soon.
The Coca-Cola Company
Exploit: Ransomware
The Coca-Cola Company: Beverage Manufacturer & Distributor
Risk to Business: 2.804 = Moderate
The new ransomware group Stormous claims they’ve pulled off a ransomware attack against The Coca-Cola Company, claiming that it snatched 161 gigabytes of data. The hacking group has been linked with Russian nationalist cybercrime following its public statement vowing to take action against companies that pulled out of Russia in the wake of Russia’s invasion of Ukraine. Financial data, passwords and commercial account records are said to be among the stolen data. Coca-Cola says that it is investigating the matter.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business ransomware can have a negative impact on a business even if it doesn’t shut down operations.
ARcare
Exploit: Hacking
ARcare: Medical Clinics
Risk to Business: 1.711 = Severe
ARcare, a medical services company that operates clinics for underserved communities in Arkansas, Kentucky and Mississippi, disclosed a data breach impacting an estimated 345,000 patients in a filing with The U.S. Department of Health and Human Services (HSS). After a disruptive incident on February 24, 2022, an investigation turned up the unwelcome news that a malicious hacker had access to ARcare’s network over a five-week period between January 18 and February 24.
Risk to Business: 1.814 = Severe
Potentially exposed patient data includes names, Social Security numbers, drivers’ license or state identification numbers, dates of birth, financial account information, medical treatment information, prescription information, medical diagnosis or condition information and health insurance information.
How It Could Affect Your Business: This is going to be a very expensive problem once regulators get finished with it.
Costa Rica – Junta Administrativa del Servicio Eléctrico de Cartago (JASEC)
Exploit: Ransomware
Junta Administrativa del Servicio Eléctrico de Cartago (JASEC): Power Company
Risk to Business: 1.626 = Severe
Conti ransomware is to blame for continued trouble in Costa Rica’s public sector. After crippling several federal departments last week, the group has not snarled operations at Junta Administrativa del Servicio Eléctrico de Cartago (JASEC), electricity manager for the city of Cartago, population 160,000. Officials said that the attack has encrypted the servers used to manage the organization’s website, e-mail, administrative collection systems and more, rendering customers unable to pay for electricity and internet bills.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business Infrastructure targets have had increasing trouble in the past 12 months, with the FBI reporting ransomware attacks in 14 of 16 infrastructure sectors.
Trinidad and Tobago – Massy Stores
Exploit: Hacking
Massy Stores: Supermarket Chain
Risk to Business: 1.311 = Extreme
The biggest supermarket chain in Trinidad, Massy Stores, was forced to temporarily suspend operations over the weekend after a cyberattack took out key systems, including cash registers. Surepay and Moneygram services were also impacted. The company says that no customer or employee data was stolen. Some stores have resumed operations, and the incident is under investigation.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business Retailers have been getting hammered by cyberattacks coming in at 3rd on the list of industries most hit by ransomware attacks.
UK – The General Council of the Bar (GCB)
Exploit: Hacking
The General Council of the Bar (GCB): Regulatory Body
Risk to Business: 1.909-Severe
The General Council of the Bar (GCB) notified users of its website that it has been the victim of a cyberattack. GCB comprises the representative Bar Council and regulator Bar Standards Board. The attack has rendered several systems temporarily inaccessible including MyBar. The body’s statement notes that Authorisation to Practise and Court ID cards have both been extended due to this technical difficulty. The incident has been reported to ICO, National Cyber Security Centre and the Police.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business In a challenging economy, no government can afford this kind of incident or the associated bills.
Germany – Deutsche Windtechnik
Exploit: Ransomware
Deutsche Windtechnik: Power Company
Risk to Business: 2.096 = Severe
German wind farm operator Deutsche Windtechnik has disclosed that it was the victim of a ransomware attack. The Black Basta group is thought to be behind the attack after the company’s data appeared on its leak site. The attack took place April 11-12, 2022. Deutsche Windtechnik noted that after shutting off systems for safety, they were able to reactivate the remote data monitoring connections to their wind turbines within a day or two. The incident was reported to the German Federal Office for Information Security (BSI).
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business This is the latest in a long string of strikes against energy sector targets in Germany.
Russia – Petersburg Social Commercial Bank
Exploit: Nation-State Hacking (Hacktivism)
Tender
Petersburg Social Commercial Bank: Financial Institution
Risk to Business: 1.976 = Severe
Anonymous has not let up on hacking aimed at Russian targets. This week, the group published accounts of several more successful operations by its affiliates, including an operation against Petersburg Social Commercial bank, a major Russian bank. The group claimed vis DDoSecrets to have snatched 542 GB of data containing 229,000 emails and 630,000 files from the bank. Anonymous also announced successful forays against Elektrocentromontazh and ALET.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business Nation-state cybercrime can impact businesses outside the government or military sphere quickly when risk continues to ripple.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident