More trouble for two of 2021’s most ransomware-prone sectors and a detailed map of exactly how ransomware hit a Japanese hospital.
Tenafly Public Schools
Exploit: Ransomware
Tenafly Public Schools: Local Government Entity
Risk to Business: 2.827 = Moderate
Tenafly Public Schools was forced to cancel student final exams and resort to low-tech teaching methods to finish out the school year after ransomware had encrypted data on some computers in the district’s network. A Tenafly Public School District spokesperson said that administrators first identified the security incident Thursday and discovered that it involved the encryption of data by ransomware on some computers in the district’s network. The spokesperson went on to explain that the district’s technology department responded by isolating devices, shutting down the districtwide computer system, launching an investigation and hiring outside cybersecurity experts. No word on whether or not a ransom was or will be paid.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business: Schools and education sector organizations at every level have been prime targets for cybercrime in the last few years.
Private Client Services, LLC.
Exploit: Hacking
Private Client Services LLC. : Financial Services
Risk to Business: 1.801 = Severe
Private Client Services, LLC (“PCS”) has disclosed a data breach that the company is blaming on an unauthorized party gaining access to sensitive consumer information through a compromised employee email account. The company sent data breach letters to 22,554 impacted people on May 27, 2022.
Risk to Business: 1.822 = Severe
According to PCS, the breach resulted in the names, Social Security numbers, driver’s license numbers and state identification numbers being compromised.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business Financial Services & Banking was the sector that experience the most ransomware attacks in 2021 and that pace isn’t slowing down.
Aesto Health
Exploit: Hacking
Aesto Health: Medical Information Services Provider
Risk to Business: 1.976 = Severe
Aesto Health has announced it recently experienced a cyberattack that caused disruption to certain internal IT systems. The Alabama-based company disclosed that it had experienced a security breach that was detected on March 8, 2022. Aesto Health has brought in a third-party computer forensics company to assist with the investigation. They’ve also determined that an unauthorized individual had access to the affected systems from December 25, 2021, to March 8, 2022.
Risk to Business: 1.915 = Severe
A review of the affected files confirmed they contained patients’ protected health information, including names, dates of birth, physician names, and report findings related to radiology imaging at Osceola Medical Center (OMC) in Wisconsin. No Social Security numbers or financial information were viewed or stolen, and OMC systems and electronic medical records were unaffected.
How It Could Affect Your Business: Healthcare providers in the US don’t just have to worry about the standard expenses of a data breach, they face big regulatory penalties too.
OnDeck Capital
Exploit: Hacking
OnDeck Capital: Financial Services
Risk to Business: 1.872 = Severe
OnDeck has disclosed that the company experienced a data breach after an unauthorized party gained access to the company’s computer network and transferred sensitive data to a private cloud storage account. OnDeck says that it first detected suspicious activity on March 10 and immediately shut down access to all affected devices. But three days later, OnDeck determined that the attackers had copied sensitive data to a private cloud storage account. On March 17, OnDeck’s team of investigators gained control over the cloud storage account, recovered the data, and shut down access, but there’s no word on what the threat actor might have done with the data.
Risk to Business: 1.721 = Severe
The customer data that was compromised may include names, Social Security numbers, tax ID numbers, driver’s license numbers, passport numbers, financial account/payment card account numbers, and medical or health insurance information.
How it Could Affect Your Business: Entities in the financial services sector need to take extra precautions against trouble because it was 2021’s hardest hit sector for ransomware attacks.
Canada – CMC Electronics
Exploit: Ransomware
CMC Electronics: Aerospace & Defense Engineering
Risk to Business: 2.317 = Severe
The Canadian Department of National Defense (DND) confirmed earlier this week that a defense contractor, CMC Electronics, has alerted the government that it had experienced a cyberattack, suspected to be ransomware, in May. The company says that there is no indication to date that those responsible for the cyberattack have stolen any sensitive military information. The attack was allegedly carried out by the BlackCat ransomware group.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business Cybercriminals aren’t just hunting for PII, they’re also in the market for proprietary data, formulas, research and information about operational technology.
Italy – City of Palermo
Exploit: Ransomware
City of Palermo: Municipal Government
Risk to Business: 2.033= Severe
The cybercrime group Vice Society ransomware group has claimed responsibility for the recent ransomware attack on the city of Palermo in Italy last Friday. The incident has caused a large-scale outage for city services that impacts 1.3 million people. Most internet-reliant services remain unavailable and are expected to be down for days. Vice Society claimed they were behind the attack on Palermo in a post on their dark web data leak site, threatening to publish all stolen documents if not paid. No word on the ransom amount or if the city plans to pay.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business Governments and government agencies have been high on the cybercriminal’s shopping list partly due to the high possibility of getting paid.
Japan – Handa Hospital
Exploit: Ransomware
Handa Hospital: Medical Center
Risk to Business: 1.780 = Severe
Handa Hospital in Tsurugi, Tokushima Prefecture, Japan has announced that it has been the victim of a ransomware attack. Investigators say that the October 2021 cyberattack occurred after a company that was involved in providing an electronic medical record system for the hospital had disabled anti-virus software on the hospital’s computers. Investigators laid out the chain of events and it is a lesson in security woes. Before the cyberattack occurred, the service provider configured the Windows settings of about 200 computers connected to the electronic medical record system to disable functions including anti-virus software and regular Windows updates because they made the electronic medical record system unstable. Investigators also determined that other circumstances contributed to the problem. Windows was never updated on the computers at the hospital and the hospitals’ VPN had never been updated. The investigation ultimately determined that the cybercriminals exploited defects in the hospital’s VPN device and made an unauthorized intrusion to have the ransomware infect the hospital’s system.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business This is a great illustration of the unfortunate sequence of events that can lead to disaster.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident