The Week in Breach

The Week in Breach News: 05/10/22 – 11/10/22

This week we’re diving into a cascade of cybercrime in Australia and New Zealand.  

CSI Laboratories

Exploit: Phishing

CSI Laboratories: Medical Testing Company

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.173 = Extreme

For the second time in just 6 months, CSI Laboratories has experienced a data breach, this time as a result of a phishing incident in July 2022. In that incident, hackers attempted to commit payment fraud and were able to acquire a large number of files containing patient information. CSI reported the phishing incident on Sept. 26 to the U.S. Department of Health and Human Services Office for Civil Rights as affecting 244,850 individuals. The company says that this breach was not related to another data breach that it suffered in March 2022 that affected the data of 312,000 individuals.

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.806 = Severe

Patient information that may have been compromised in this breach includes documents that may have contained a patient’s name and patient number, and in some cases additional patient information, including date of birth and health insurance information. 

How It Could Affect Your Business: Two breaches within six months is a disaster and regulators won’t hesitate to slap down massive fines.

City of Dunedin, FL

Exploit: Hacking

City of Dunedin, FL: Municipality

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.604 = Moderate

The city of Dunedin has announced that officials discovered a cybersecurity incident impacting its network on Tuesday. City systems and services including city email, online payments for permits, inspection scheduling, utility billing, Parks & Recreation programs and online payments for Marina fees were knocked out. The city was quick to assure residents that water and wastewater services were not impacted.  

How It Could Affect Your Business: Municipalities have been taking a lot of heat from cybercriminals looking for a quick buck because they often have outdated security.

CommonSpirit Health

Exploit: Ransomware

CommonSpirit Health: Healthcare System Operator

cybersecurity news gauge indicating extreme risk

Risk to Business: 2.771 = Extreme

One of the largest healthcare systems in the US is experiencing outages impacting patient care after a suspected ransomware attack knocked some hospital systems offline. Subsidiaries of CommonSpirit have reported being affected by the attack including CHI Health facilities in Nebraska and Tennessee, Seattle-based Virginia Mason Franciscan Health providers, MercyOne Des Moines Medical Center, Houston-based St. Luke’s Health and Michigan-based Trinity Health System. The company disclosed that it has rescheduled some patient procedures because of an inability to access electronic medical records or lab results. Some hospitals are using paper charts. The company says it is working to restore systems and the incident is under investigation.

How It Could Affect Your Business: Ransomware is an especially devastating prospect for a healthcare organization because it can impact patient care and even mortality rates.

Australia – The Dialog Group

Exploit: Hacking

The Dialog Group: IT Consulting Company

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.624 = Severe

Singapore Telecommunications Ltd (Singtel) has announced that its Australian division The Dialog Group has experienced a cyberattack that potentially exposed information about 1,000 current and former employees and an estimated 20 clients. Singtel, which acquired The Dialog Group earlier this year, also owns Optus, the scene of a massive breach just a few weeks ago. Company officials say that the two incidents are not connected, and the exact nature of the stolen data was not available at press time.

How it Could Affect Your Business: Cybersecurity awareness training helps reduce a company’s chance of having an incident significantly.

Australia – G4S

Exploit: Ransomware

G4S: Security Firm 

Risk to Business: 2.363 = Severe

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.325 = Severe

Employees of security firm G4S have been alerted that some of their personal and financial data may have been exposed in a ransomware incident after a cyberattack hit Fort Phillip prison in July 2022. The company apparently learned in mid-September that sensitive employee data had been snatched by bad actors in the incident.  The firm announced that it is working with the Australian Cyber Security Centre (ACSC) and IDCARE as part of its response.  

How it Could Affect Your Business: Financial data is especially desirable for bad actors, and failing to protect it can incur big fines in a place with data protection regulations.

Australia – Costa Group

Exploit: Phishing

Costa Group: Agricultural Producer

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.731 = Moderate

Fruit and vegetable company Costa Group says that an employee falling victim to a phishing attack resulted in unauthorized access to its servers. The company experienced the incident in August 2022. After an investigation, they’ve confirmed that the data exposed was limited to its berry farming operation Costa Corindi. Costa Farms did not provide details of the number of people impacted. The company says it has notified relevant authorities about the attack, including the Australian Cyber Security Center and the Office of the Australian Information Commissioner.  

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.655 = Moderate

The company said that exposed worker data may include workers’ passport details, bank details, superannuation details and tax file numbers.  

How it Could Affect Your Business: Agribusinesses and the food supply chain have been in the spotlight as risks escalate in critical infrastructure sectors.

Australia – Telstra

Exploit: Hacking

Telstra: Telecommunications Company

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.816 = Moderate

Just a few weeks after the massive Optus breach, Australian telecom Telstra has disclosed that it has experienced a data breach. The breach was likely caused by a cyberattack on a third-party vendor, Pegasus Group Australia, that operated a platform used in its employee rewards program. Basic employee data for an estimated 30,000 people including more than 12,000 current employees has potentially been exposed. Telstra officials suspect that the miscreant behind this data is trying to profit from buzz about the Optus breach. That data consisted of employees’ first and last names and email addresses reaching back to 2017. The National Australia Bank (NAB) was also impacted in this third-party vendor hack but details of that incident were unavailable at press time.  

How it Could Affect Your Business: Third-party and supply chain risk has been the story of the year in 2022 and all businesses should be working to mitigate it.

New Zealand – Pinnacle Midlands Health Network

Exploit: Ransomware 

Pinnacle Midlands Health Network: Healthcare System Operator 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.816 = Severe

A successful ransomware attack on Pinnacle Midlands Health Network by cybercrime group Black Cat has resulted in patient data being exposed online. The company disclosed that the attack impacted clinics in the Waikato, Lakes, Taranaki and Tairawhiti districts, including Primary Health Care Ltd (PHCL) practices from across Taranaki, Rotorua, Taupō-Tūrangi, Thames-Coromandel and Waikato. Pinnacle noted in its statement that it does not hold GP notes and consultation records. The number of affected patients has not been made public, but news reports are saying as many as 450,000 people’s information could have been exposed. Information potentially exposed in this breach includes high-level data related to the use of hospital services, claiming information related to services that Pinnacle provides and information sent to practices around immunization and screening status of individual patients. No further details were available at press time.   

How it Could Affect Your Business: Third-party and supply chain risk has been the story of the year in 2022 and all businesses should be working to mitigate it.

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident