Categories
The Week in Breach

The Week in Breach: 07/06/21 – 13/07/21

Shopping platforms are on the hit list this week

Memorial HealthCare 

Exploit: Third-Party Data Breach 

Northwestern Memorial HealthCare: Hospital System 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.771= Severe

A data breach at a third-party provider, Elekta, has potentially exposed the private medical information of patients at Northwestern Memorial HealthCare (NMHC) providers. Unknown cybercriminals were able to access a database owned by Elekta, a company that provides a cloud-based platform that handles legally required cancer reporting to the State of Illinois. Those potentially affected are patients of Northwestern Medicine Central DuPage Hospital, Northwestern Medicine Delnor Community Hospital, Northwestern Medicine Huntley Hospital, Northwestern Medicine Kishwaukee Hospital, Northwestern Medicine Lake Forest Hospital, Northwestern Medicine McHenry Hospital, Northwestern Memorial Hospital, Northwestern Medicine Valley West Hospital and Northwestern Medicine Valley West Hospital. 

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.603= Severe

The hospital system has announced that attackers made a copy of datasets, which include patient names, dates of birth, Social Security numbers, health insurance information, and medical record numbers. The database also contained clinical information related to cancer treatment, including medical histories, physician names, dates of service, treatment plans, diagnoses, and/or prescription information. 

Customers Impacted: Unknown

Morgan Stanley

Exploit: Third-Party Data Breach

Morgan Stanley: Financial Services Firm 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.216 = Severe

Morgan Stanley has reported a third-party data breach after attackers reportedly stole customer data by hacking into the Accellion FTA server of a third-party vendor. That vendor, Guidehouse, is a third-party vendor that provides account maintenance services to Morgan Stanley’s StockPlan Connect business. Guidehouse notified the investment banking company in May 2021 that attackers had accessed its Accellion FTA server. The Clop ransomware gang claimed responsibility for the original Accellion hack. 

cybersecurity news represented by agauge showing severe risk

Risk to Individual: 2.462 = Severe

Morgan Stanley says that the information stolen in this incident does not include financial information but does include stock plan participants’ names, addresses (last known address), dates of birth, social security numbers and corporate/company names. The files stolen from Guidehouse’s FTA server did not contain password information or credentials that the threat actors could use to gain access to impacted Morgan Stanley customers’ financial accounts. 

Customers Impacted: Unknown

Republican National Committee (RNC) 

Exploit: Nation-State Cybercrime

Republican National Committee (RNC): Political Organization

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.223=Severe

Russian-aligned nation-state cybercriminals hacked into the Republican National Committee last week. Initially dismissive of the hack, RNC officials ultimately admitted that their security had been breached. However, those officials attributed the hack to a data security incident at a subcontractor, Synnex. The RNC announced that they are working with experts at Microsoft to investigate this incident.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Reviewing potential avenues of risk can help you and your customers make a strong defensive plan.

ID Agent to the Rescue:  Learn more about the factors that make it easy for employees to make mistakes and how you can mitigate them for a better staff. SEE THIS WEBINAR>>

GETTR

Exploit: Hacking

GETTR: Social Media Platform 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.575 = Severe

A hacker has reported that they have breached GETTR, a new right-wing social media platform popular with personalities who have been banned from mainstream social media. The data was purportedly collected in two batches, on July 1 and July 5. According to copies of the leaked file and the leaker’s claims, the first batch of the stolen data was collected through scraping on July 1 and the second batch was obtained through endpoint exploitation. The sum of the data collected in both leaks is estimated at more than 90,065 user profiles.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.502 = Severe

According to the hackers, the snatched data included information such as real names, profile descriptions, site usernames, along with other public information, but also non-public information such as a user’s email address, birth year, and location information.

Customers Impacted: 40,000

Switzerland – Comparis

Exploit: Hacking

Comparis: Shopping Platform 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.302 = Extreme

Swiss online consumer outlet Comparis has disclosed a ransomware attack by filing a criminal complaint. The attack purportedly blocked some of the information technology systems, causing scattered disruptions for several days. Sister company Credaris, a financial services provider that uses the same server environment, may also have experienced unconfirmed malicious access to unspecified information. According to the hackers, the snatched data included information such as real names, profile descriptions, site usernames, along with other public information, but also non-public information such as a user’s email address, birth year, and location information.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

Germany – Spreadshop 

Exploit: Hacking 

Spreadshop: Shopping Platform 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.919 = Severe

German merchandise platform Spreadshop has disclosed that on July 8th, 2021, it was the victim of a malicious cyberattack. The company confirmed that personal user data, including bank account details, were compromised. The platform is the commerce arm of a web of businesses that also includes Spreadshirt and TeamShirts. 

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.271 = Severe

According to a statement from Spreadshop, the compromised data includes address and contractual data belonging to customers, partners, employees and external suppliers. Also affected are the payment details of a small number of customers who made payments to Spreadshirt, Spreadshop, or TeamShirts via bank transfer or who have received a refund via bank transfer.

Customers Impacted: Unknown


India – Technisanct 

Exploit: Hacking 

Technisanct: Trading Platform

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.801 = Moderate

Big data startup Technisanct has disclosed a data breach in a trading platform that it operates in India. Information from over 3.4 million customers was compromised. The security breach was identified by Technisanct’s digital risk monitoring tool. Researchers have reported that the pilfered data was for sale in an online platform dedicated to these kinds of transactions, and some of the information was published on June 15. 

cybersecurity news represented by a gauge indicating moderate risk

Idividual Risk: 2.766 = Moderate

The company has disclosed that Personal Identifiable Information (PII) was exposed including name, customer ID, contact number, email ID, trade login ID, branch ID, city and country.

Customers Impacted: 3.4 million


Taiwan – Adata

Exploit: Ransomware

Adata: Computer Chip Maker 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.801 = Severe

The Ragnar Locker ransomware gang has announced that they’ve acquired more than 700GB of archived data stolen from Taiwanese memory and storage chip maker ADATA. A set of 13 archives, allegedly containing sensitive ADATA files, have been publicly available at a cloud-based storage service, at least for some time. According to reports, the largest archive is close to 300GB, and the second largest is 117GB and the archives likely contain corporate financial information, non-disclosure agreements and sales data.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

Leave a Reply