Marriott gets hit by ransomware.
Marriott International
Exploit: Ransomware
Marriott International: Hotel Operator
Risk to Business: 2.783 = Moderate
Marriott is looking at another big data breach after a group of cybercriminals claims to have stolen an estimated 20 gigabytes of data, including financial data like credit card information and confidential information about guests and workers from an employee at the BWI Airport Marriott in Baltimore. The group identified themselves as GNN or “Group with No Name” to media outlets and sent along samples of the purportedly stolen data. Marriott contends that the stolen data consisted of “non-sensitive internal business files regarding the operation of the property.” The incident remains under investigation.
How It Could Affect Your Business: Hotels are a prime target for cybercriminals because they often have stores of valuable financial and personal data on guests.
American Marriage Ministries (AMM)
Exploit: Misconfiguration
American Marriage Ministries (AMM): Non-Profit
Risk to Business: 2.617 = Moderate
American Marriage Ministries (AMM), a Seattle-based non-denominational religious organization that ordains wedding officiants, has suffered a data breach. Researchers say they’ve discovered 630 GB of data on about 185,000 officiants and roughly 15,000 married couples as well as their wedding guests exposed in an unsecured Amazon Web Services bucket. The data trove contained Ministers’ program application forms, over 500,000 ordination certificates and minister identification documents, and marriage licenses that contain details about newly wedded couples and more was included in the bucket. The incident was reported to FBI IC3.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business SMBs that handle or store large amounts of data have been high on cybercriminal shopping lists, particularly in recent months.
SHI International
Exploit: Malware
SHI International: IT Services
Risk to Business: 1.601 = Severe
New Jersey-based IT services provider SHI international suffered a major business disruption over the July 4 weekend after being forced offline by a cyberattack. The company disclosed that the defensive measures it had been forced to take to stop the attack included taking SHI’s public websites and email offline while the attack was investigated. Website and email outages lasted for several days before finally being resolved about July 10. Customers were told that they could still access their representatives by phone throughout the incident which remains under investigation.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business: MSPs, MSSPs and other IT/technical services providers have been frequent targets of cybercriminals recently and should strengthen security.
Yuma Regional Medical Centre (YRMC)
Exploit: Ransomware
Yuma Regional Medical Center (YMMC): Medical System
Risk to Business: 1.903 = Severe
A ransomware attack that landed on Yuma Regional Medical Center (YRMC) in Arizona has exposed the protected health information of an estimated 700,000 patients. The company has disclosed that it experienced the ransomware attack in late April and that an unauthorized individual had access to YRMC’s systems from April 21 to April 25, allowing them to steal a subset of files from the systems. There was no impact on patient care.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business: A data breach for a healthcare organization is especially damaging between incident costs and regulatory penalties.
WellDyneRx, LLC
Exploit: Hacking
WellDyneRx, LLC: Pharmacy Benefits Management
Risk to Business: 2.304 = Severe
WellDyneRx has reported a data breach that resulted from unauthorized access to one of the company’s email accounts. The company filed a notice with the U.S. Department of Health and Human Services Office for Civil Rights regarding a data breach in December 2021, indicating that the company estimates the breach affected 38,401 individuals. WellDyneRX is a pharmacy benefit manager and oversees the administration of the pharmacy benefits portion of insurance policies on behalf of insurance companies at 65,000 retail pharmacies from major chains to mom-and-pop shops.
Individual Risk: 2.215 = Severe
Cybercriminals may have accessed the names, dates of birth, Social Security numbers, driver’s license numbers, treatment information, health insurance information, contact information, prescription information, and other medical and healthcare-related information of individuals served by WellDyneRx.
How it Could Affect Your Business It’s not just hospitals and doctor’s offices, medical services providers are also experiencing surging risk with big penalties for failure to keep data safe.
United Kingdom – Aon, PLC
Exploit: Hacking
Aon, PLC: Professional Services Provider
Risk to Business: 2.829 = Moderate
AON, PLC, a U.K.-based company that handles risk mitigation for insurance, pension administration, and health insurance plans, has experienced a data breach that was recently disclosed in a notice on the Maine Attorney General’s Office website. Aon says that the data breach is believed to have affected as many as 31,799 individuals who have been informed via letter.
Individual Risk: 2.836 = Moderate
The company says that an unauthorized party temporarily obtained documents that contained the names, driver’s license numbers, Social Security numbers, and some benefit enrollment information of plan enrollees.
How it Could Affect Your Business professional services companies are prime targets for bad guys that are on the hunt for rich stores of data.
France – La Poste Mobile
Exploit: Ransomware
La Poste Mobile: Telecommunications Company
Risk to Business: 1.206 = Extreme
The Lockbit ransomware group has claimed responsibility for a ransomware attack on French telecommunications giant La Poste Mobile. The virtual mobile telephone operator La Poste Mobile was walloped by a ransomware attack on July 4 that paralyzed administrative and management services. The company was forced to suspend operations on its website and customer areas as part of its incident remediation.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business Telecoms are prime targets for ransomware because of the y cannot afford any network downtime, making them likely to pay the ransom fast.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident