This week we’re diving into a cascade of cybercrime in Australia and New Zealand.
CSI Laboratories
Exploit: Phishing
CSI Laboratories: Medical Testing Company
Risk to Business: 1.173 = Extreme
For the second time in just 6 months, CSI Laboratories has experienced a data breach, this time as a result of a phishing incident in July 2022. In that incident, hackers attempted to commit payment fraud and were able to acquire a large number of files containing patient information. CSI reported the phishing incident on Sept. 26 to the U.S. Department of Health and Human Services Office for Civil Rights as affecting 244,850 individuals. The company says that this breach was not related to another data breach that it suffered in March 2022 that affected the data of 312,000 individuals.
Risk to Business: 1.806 = Severe
Patient information that may have been compromised in this breach includes documents that may have contained a patient’s name and patient number, and in some cases additional patient information, including date of birth and health insurance information.
How It Could Affect Your Business: Two breaches within six months is a disaster and regulators won’t hesitate to slap down massive fines.
City of Dunedin, FL
Exploit: Hacking
City of Dunedin, FL: Municipality
Risk to Business: 2.604 = Moderate
The city of Dunedin has announced that officials discovered a cybersecurity incident impacting its network on Tuesday. City systems and services including city email, online payments for permits, inspection scheduling, utility billing, Parks & Recreation programs and online payments for Marina fees were knocked out. The city was quick to assure residents that water and wastewater services were not impacted.
How It Could Affect Your Business: Municipalities have been taking a lot of heat from cybercriminals looking for a quick buck because they often have outdated security.
CommonSpirit Health
Exploit: Ransomware
CommonSpirit Health: Healthcare System Operator
Risk to Business: 2.771 = Extreme
One of the largest healthcare systems in the US is experiencing outages impacting patient care after a suspected ransomware attack knocked some hospital systems offline. Subsidiaries of CommonSpirit have reported being affected by the attack including CHI Health facilities in Nebraska and Tennessee, Seattle-based Virginia Mason Franciscan Health providers, MercyOne Des Moines Medical Center, Houston-based St. Luke’s Health and Michigan-based Trinity Health System. The company disclosed that it has rescheduled some patient procedures because of an inability to access electronic medical records or lab results. Some hospitals are using paper charts. The company says it is working to restore systems and the incident is under investigation.
How It Could Affect Your Business: Ransomware is an especially devastating prospect for a healthcare organization because it can impact patient care and even mortality rates.
Australia – The Dialog Group
Exploit: Hacking
The Dialog Group: IT Consulting Company
Risk to Business: 1.624 = Severe
Singapore Telecommunications Ltd (Singtel) has announced that its Australian division The Dialog Group has experienced a cyberattack that potentially exposed information about 1,000 current and former employees and an estimated 20 clients. Singtel, which acquired The Dialog Group earlier this year, also owns Optus, the scene of a massive breach just a few weeks ago. Company officials say that the two incidents are not connected, and the exact nature of the stolen data was not available at press time.
How it Could Affect Your Business: Cybersecurity awareness training helps reduce a company’s chance of having an incident significantly.
Australia – G4S
Exploit: Ransomware
G4S: Security Firm
Risk to Business: 2.363 = Severe
Individual Risk: 2.325 = Severe
Employees of security firm G4S have been alerted that some of their personal and financial data may have been exposed in a ransomware incident after a cyberattack hit Fort Phillip prison in July 2022. The company apparently learned in mid-September that sensitive employee data had been snatched by bad actors in the incident. The firm announced that it is working with the Australian Cyber Security Centre (ACSC) and IDCARE as part of its response.
How it Could Affect Your Business: Financial data is especially desirable for bad actors, and failing to protect it can incur big fines in a place with data protection regulations.
Australia – Costa Group
Exploit: Phishing
Costa Group: Agricultural Producer
Risk to Business: 2.731 = Moderate
Fruit and vegetable company Costa Group says that an employee falling victim to a phishing attack resulted in unauthorized access to its servers. The company experienced the incident in August 2022. After an investigation, they’ve confirmed that the data exposed was limited to its berry farming operation Costa Corindi. Costa Farms did not provide details of the number of people impacted. The company says it has notified relevant authorities about the attack, including the Australian Cyber Security Center and the Office of the Australian Information Commissioner.
Risk to Business: 2.655 = Moderate
The company said that exposed worker data may include workers’ passport details, bank details, superannuation details and tax file numbers.
How it Could Affect Your Business: Agribusinesses and the food supply chain have been in the spotlight as risks escalate in critical infrastructure sectors.
Australia – Telstra
Exploit: Hacking
Telstra: Telecommunications Company
Risk to Business: 2.816 = Moderate
Just a few weeks after the massive Optus breach, Australian telecom Telstra has disclosed that it has experienced a data breach. The breach was likely caused by a cyberattack on a third-party vendor, Pegasus Group Australia, that operated a platform used in its employee rewards program. Basic employee data for an estimated 30,000 people including more than 12,000 current employees has potentially been exposed. Telstra officials suspect that the miscreant behind this data is trying to profit from buzz about the Optus breach. That data consisted of employees’ first and last names and email addresses reaching back to 2017. The National Australia Bank (NAB) was also impacted in this third-party vendor hack but details of that incident were unavailable at press time.
How it Could Affect Your Business: Third-party and supply chain risk has been the story of the year in 2022 and all businesses should be working to mitigate it.
New Zealand – Pinnacle Midlands Health Network
Exploit: Ransomware
Pinnacle Midlands Health Network: Healthcare System Operator
Risk to Business: 1.816 = Severe
A successful ransomware attack on Pinnacle Midlands Health Network by cybercrime group Black Cat has resulted in patient data being exposed online. The company disclosed that the attack impacted clinics in the Waikato, Lakes, Taranaki and Tairawhiti districts, including Primary Health Care Ltd (PHCL) practices from across Taranaki, Rotorua, Taupō-Tūrangi, Thames-Coromandel and Waikato. Pinnacle noted in its statement that it does not hold GP notes and consultation records. The number of affected patients has not been made public, but news reports are saying as many as 450,000 people’s information could have been exposed. Information potentially exposed in this breach includes high-level data related to the use of hospital services, claiming information related to services that Pinnacle provides and information sent to practices around immunization and screening status of individual patients. No further details were available at press time.
How it Could Affect Your Business: Third-party and supply chain risk has been the story of the year in 2022 and all businesses should be working to mitigate it.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident