Nelnet Servicing (Nelnet)
Exploit: Hacking
Nelnet Servicing (Nelnet): Student Loans Servicer
Risk to Business: 2.026 = Severe
A data breach of student loan servicer Nelnet Servicing (Nelnet) has affected over 2.5 million student loan borrowers throughout the United States. The breach affected borrowers whose student loans are serviced by the Oklahoma Student Loan Authority (OSLA) and Edfinancial Services (Edfinancial). The company disclosed that the PII of 2.5 million student loan borrowers was accessible by an unknown actor who gained access to the network in July 2022.
Risk to Business: 2.406 = Severe
The exposed data includes names, addresses, email addresses, phone numbers and Social Security numbers of borrowers who had loans serviced by the affected institutions.
How It Could Affect Your Customers’ Business: Service providers like this one are highly at risk for trouble thanks to the combination of valuable data and access to companies that they offer bad actors.
Baker & Taylor
Exploit: Ransomware
Baker & Taylor: Book Distributor
Risk to Business: 1.647 = Severe
A ransomware attack at leading library book distributor Baker & Taylor has resulted in an outage that impacted the company’s phone systems, offices, and service centers. Those systems were out for a week. No ransomware group claimed responsibility, nor did Baker & Taylor disclose a ransom demand. The company said that they were able to restore their systems from backups and the incident remains under investigation.
How It Could Affect Your Business: Cybercriminals have been concentrating their fire on suppliers and service providers, elevating risk for them.
Los Angeles Unified School District
Exploit: Ransomware
Los Angeles Unified School District: Regional Education Authority
Risk to Business: 1.427 = Extreme
A cyberattack against the Los Angeles Unified School District added complications to the start of the new school year. The ransomware attack hit on the Sunday before schools were scheduled to open for the new year. The district was able to overcome the digital shutdown to open schools on schedule the following Tuesday. However, the personal data of an estimated 400,000 students may have been accessed by cybercriminals. Federal, state and local authorities are investigating the incident. The Vice Society ransomware group has claimed responsibility for the attack, saying that they snatched more than 500GB of unspecified data.
How It Could Affect Your Business: Educational institutions have been high on cybercriminal priority lists, and the time pressure here made this attack an attractive prospect for the bad guys.
Savannah College of Art and Design
Exploit: Ransomware
Savannah College of Art and Design: Institution of Higher Learning
Risk to Business: 2.712 = Moderate
Savannah College of Art and Design (SCAD) has revealed that a hacker gained access to SCAD’s information network systems, exposing data on an estimated 15,00 students. The school said that an unspecified “limited” number of files containing data about students and employees was accessed by bad actors. The AvosLocker ransomware group added SCAD to its leak site, but no ransom specifics have been released. AvosLocker may have taken at least 69,000 files that contained student information, personnel files and business data. No specifics have been released about what data was taken.
How it Could Affect Your Business: Education has been a sector under siege, especially attractive to ransomware groups as the school year opens.
United Kingdom – InterContinental Hotels Group (IHG)
Exploit: BEC
InterContinental Hotels Group (IHG): Hotel Operator
Risk to Business: 1.809 = Severe
InterContinental Hotels Group (IHG) has confirmed that they’ve had a security incident impacting the Holiday Inn hotels chain. A cyberattack downed its booking systems and mobile apps. Although ITG did not reveal the nature of the attack in its public statement, tech experts point to ransomware. The incident is under investigation, and no information about what if any data was stolen or the group responsible was mentioned.
How it Could Affect Your Business: Hospitality organisations rely heavily on their IT systems, and outages lead to disasters.
United Kingdom – Go-Ahead
Exploit: Hacking
Go-Ahead: Bus Company
Risk to Business: 1.723 = Severe
Go-Ahead, a major UK public transport operator disclosed that it is a cyberattack after finding unauthorized activity within its IT systems. The company said that many of its IT systems have been affected by this cybersecurity incident, including the system used to allocate drivers to bus services, with minimal delays expected. Some restoration has taken place using backups, and the incident remains under investigation.
How it Could Affect Your Business: Major transportation providers are juicy targets for bad actors because those services cannot afford disruptions, making them likely to pay ransoms.
Portugal – Armed Forces General Staff agency of Portugal (EMGFA)
Exploit: Hacking
Armed Forces General Staff agency of Portugal (EMGFA): Government Agency
Risk to Business: 1.361 = Extreme
Classified NATO documents belonging to the Armed Forces General Staff agency of Portugal (EMGFA) were spotted for sale on the dark web, leading the agency to discover that it had experienced a data breach. First spotted by US Information Services, hundreds of sensitive documents have apparently been snatched by bad actors. The documents were exfiltrated from systems in the EMGFA, in the secret military (CISMIL) and in the General Directorate of National Defense Resources. Investigators determined that security rules for the transmission of classified documents had been broken, and threat actors were able to access the Integrated System of Military Communications (SICOM) and receive and forward classified documents.
How it Could Affect Your Business: This problem could have been prevented by simple adherence to security rules and compliance with security policies.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident