Categories
The Week in Breach

The Week in Breach: 27/01/21 – 02/02/21

Ransomware romps through the UK, US Cellular has a CRM disaster that goes from bad to worse, big takedowns of ransomware gangs match the big surge in ransomware but don’t fix the problem!    

Dark Web ID’s Top Threats This Week
Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Sales & Retail
Top Employee Count: 501+  
  United Kingdom – UK Research and Innovation (UKRI)  Exploit: Ransomware
UKRI: Scientific Research Agency  >> Read full details on our blog  
  United Kingdom – Mensa  Exploit: Password Compromise
Mensa: Intellectual Club >> Read full details on our blog  
  United States – USCellular Exploit: Malware
USCellular: Mobile Phone Company  >> Read full details on our blog  
  United States – DSC Logistics Exploit: Ransomware
DSC Logistics: Shipping and Freight Logistics  >> Read full details on our blog  
  United States – Nissan North America Exploit: Misconfiguration
Nissan North America: Automotive Manufacturer  >> Read full details on our blog  
  Austria – Palfinger Exploit: Ransomware
Palfinger: Crane Manufacturer  >> Read full details on our blog  
  Hong Kong – Dairy Farm Exploit: Ransomware
Dairy Farm: Retail Conglomerate  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 20/01/21 – 26/01/21

ShinyHunters work overtime at multiple targets including Pixlr & data theft puts a star talent agency in the spotlight.

Dark Web ID’s Top Threats This Week
Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Sales & Retail
Top Employee Count: 501+  
  United Kingdom – the7stars Exploit:  Ransomware
the7stars: Talent Agency  >> Read full details on our blog  
  United States – TeeSpring Exploit: Hacking
Teespring: eCommerce Platform  >> Read full details on our blog  
  United States – Circut Court of Cook County Exploit: Unsecured Server
Circuit Court of Cook County: Municipal Court System  >> Read full details on our blog  
  United States – MeetMindful Exploit: Hacking 
MeetMindful: Dating Site >> Read full details on our blog  
  United States – Bonobos Exploit: Hacking
Bonobos: Menswear Retailer  >> Read full details on our blog  
  Canada – City of Montmagne Exploit: Ransomware
City of Montmagne: Municipal Government  >> Read full details on our blog  
  Sweden – Pixlr Exploit: Third Party Data Breach
Pixlr: Photo Editing Software Developer  >> Read full details on our blog  
  Australia – Australia Securities and Investments Commission  Exploit: Hacking
Australia Securities and Investments Commission: Securities Regulator  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 13/01/21 – 19/01/21

Capcom’s breach hits 40K players,

Dark Web ID’s Top Threats This Week
Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Health & Medical Research
Top Employee Count: 501+  
  United Kingdom – Nohow International Exploit: Unsecured Database
Nohow International: Staffing Firm  >> Read full details on our blog  
  Japan – Capcom Co. Ltd  Exploit: Ransomware
Capcom Co. Ltd.: Videogame Developer  >> Read full details on our blog  
  United States – Ubiquiti Networks Exploit: Hacking
Ubiquiti Networks: Communications Technology Firm  >> Read full details on our blog  
  United States – Parler Exploit: Hacking 
Parler: Social Media Application  >> Read full details on our blog  
  United States – Taylor Made Diagnostics Exploit: Ransomware
Taylor Made Diagnostics: Occupational Healthcare Provider  >> Read full details on our blog  
  United States – South Country Health Alliance Exploit: Phishing
South Country Health Alliance: Health Plan Provider  >> Read full details on our blog  
  Canada – Government of Saskatchewan Hunting, Angling & Fishing Licensing (HAL) Exploit: Human Error
Government of Saskatchewan HAL: Regional Regulatory System  >> Read full details on our blog  
  The Netherlands – Eneco  Exploit: Credential Stuffing 
Eneco: Energy Company  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 06/01/21 – 12/01/21

Multiple healthcare targets receive an unwelcome diagnosis of ransomware. 

Dark Web ID’s Top Threats This Week
Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Education & Research
Top Employee Count: 501+  
  United Kingdom – Amey Plc Exploit: Ransomware
Amey Plc: Infrastructure Builder    >> Read full details on our blog  
  United States – Lake Regional Healthcare Exploit: Ransomware
Lake Regional Healthcare: Hospital System    >> Read full details on our blog  
  United States – OmniTRAX Exploit: Ransomware
OmniTRAX: Short Line Railway  >> Read full details on our blog  
  United States – Apex Laboratories  Exploit: Ransomware
Apex Laboratories: Consumer Medical Testing   >> Read full details on our blog  
  United States – Dassault Falcon Jet Exploit: Ransomware
Dassault Falcon Jet: Aviation Manufacturing  >> Read full details on our blog  
  Canada – Aurora Cannabis Exploit: Unauthorized Access
Aurora Cannabis: Marijuana Dispensary Chain   >> Read full details on our blog  
  Canada – Communauto Exploit: Ransomware
Communauto: Car Sharing Service  >> Read full details on our blog  
  New Zealand – The Reserve Bank of New Zealand Exploit: Third Party Breach
The Reserve Bank of New Zealand: Central Government Bank  >> Read full details on our blog  
  Australia – Health and Community Services Union Tasmania Exploit: Unsecured Database
Health and Community Services Union Tasmania: Regional Health Department  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 30/12/20 – 05/01/21

It may be a new year, but cybercriminals are up to the same old tricks around the world. Old-fashioned hacking nails Kawasaki, T-Mobile and Promutuel.

Dark Web ID’s Top Threats This Week
Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Education & Research
Top Employee Count: 501+  
  United States – Whirlpool Exploit: Ransomware
Whirlpool: Appliance Manufacturer  >> Read full details on our blog  
  United States – GetSchooled Exploit: Unsecured Database
GetSchooled: Education Non-Profit  >> Read full details on our blog  
  United States – Door Controls USA Exploit: Ransomware
Door Controls USA: Door Parts Distributor >> Read full details on our blog  
  United States – T-Mobile Exploit: Hacking
T-Mobile: Mobile Device Network Provider  >> Read full details on our blog  
  United States – Aetna Exploit: Malicious Insider
Aetna: Insurance Company  >> Read full details on our blog  
  Canada – Promutuel Assurance Exploit: Hacking
Promutuel Assurance: Insurance Company  >> Read full details on our blog  
  Belgium – General Medical Laboratory (AML)  Exploit: Ransomware
General Medical Laboratory (AML): Medical Testing Laboratories  >> Read full details on our blog  
  Germany – Funke Media Group Exploit: Ransomware
Funke Media Group: News Reporting Organization  >> Read full details on our blog  
  India – IndiGo Exploit: Ransomware
IndiGo: Airline  >> Read full details on our blog  
  Japan – Kawasaki Heavy Industries Aerospace Co.  Exploit: Hacking
Kawasaki Heavy Industries Aerospace Co.: Aerospace Technology Manufacturing  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 23/12/20 – 29/12/20

Ransomware was an unwelcome holiday gift for a plastic surgery group, a trucking company, and other organizations!

Dark Web ID’s Top Threats This Week

Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Education & Research
Top Employee Count: 11 – 50  
  United Kingdom – The Hospital Group Exploit: Ransomware
The Hospital Group: Private Cosmetic Surgery Services >> Read full details on our blog  
  United Kingdom – NOW: Pensions Exploit: Insider Incident (Accidental)
NOW Pensions: Workplace Pension Services  >> Read full details on our blog  
  Scotland – Scottish Environmental Protection Agency  Exploit: Hacking
Scottish Environmental Protection Agency – National Environmental Regulatory Authority  >> Read full details on our blog  
  United States – Forward Air  Exploit: Ransomware
Forward Air: Trucking & Logistics Company  >> Read full details on our blog  
  United States – TennCare Exploit:  Insider Incident (Accidental)
TennCare: Medicaid Services Agency >> Read full details on our blog  
  United States – TaskRabbit Exploit: Credential Stuffing
TaskRabbit: Microlabor Marketplace  >> Read full details on our blog  
  Canada – Sangoma Technologies Exploit: Ransomware
Sangoma Technologies: VoIP Technology Provider  >> Read full details on our blog  
  Spain – 21 Buttons Exploit:  Misconfiguration
21 Buttons: Fashion Social Network  >> Read full details on our blog  
  Japan – Koei Tecmo Exploit: Spear Phishing
Koei Tecmo : Videogame and Anime Studio  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 16/12/20 – 22/12/20

The fallout of last week’s massive nation-state hacking incident continues for Microsoft, Cisco & more plus yet another Spotify breach, Work From Home culture spawns new risk and the dangers of Dark Web data markets for your businesses.   

Dark Web ID’s Top Threats This Week

Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Education & Research
Top Employee Count: 11 – 50  
  United States – Microsoft Exploit: Hacking (Nation-State)
Microsoft: Software & Technology Developer  >> Read full details on our blog  
  United States – Cisco Exploit: Hacking (Nation-State)
Cisco: Technology Developer  >> Read full details on our blog  
  United States – Spotify Exploit: Accidental Data Exposure
Spotify: Music Streaming Service  >> Read full details on our blog  
  United States – City of Independence, MO Exploit: Ransomware
City of Independence, MO: Municipal Government  >> Read full details on our blog  
  United States – Sonoma Valley Hospital Exploit: Hacking (Nation-State)
Sonoma Valley Hospital: Medical Center  >> Read full details on our blog  
  United Kingdom – People’s Energy Exploit: Hacking
People’s Energy: Sustainable Energy Utility  >> Read full details on our blog  
  United Kingdom – Probase Exploit: Unsecured Database
Probase: CRM App Developer  >> Read full details on our blog  
  Germany – Symrise Exploit: Ransomware
Symrise: Flavor and Fragrance Producer >> Read full details on our blog  
  India – State of Telangana Exploit: Misconfiguration
State of Telangana: Regional Government  >> Read full details on our blog  
  India – ELCOM Innovations Private Limited Exploit: Malicious Insider
ELCOM Innovations Private Limited: Defense Technology Contractor  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 09/12/20 – 15/12/20

This week’s one for the books! 

Nation-state hackers mount a huge campaign against cybersecurity companies and several US federal agencies, the EU’s drug regulator takes a hit, new insight into cyberattack response plan essentials, and fake Zoom invite pitfalls abound.  

Major attacks by suspected Russian nation-state hackers on US Federal agencies including the departments of Commerce, Treasury, and Homeland Security have rocked the public and defense cybersecurity sectors.

Dark Web ID’s Top Threats This Week

Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Education & Research
Top Employee Count: 11 – 50  
  United States – SolarWinds Exploit: Hacking (Nation-State)
SolarWinds: Cybersecurity Software Developer  >> Read full details on our blog  
  United States – FireEye Exploit: Hacking (Nation-State)
FireEye: Cybersecurity Solutions Development and Testing   >> Read full details on our blog  
  United Kingdom – Marriage Tax Refund Exploit: Misconfiguration
Marriage Tax Refund: Tax Relief Advisory Firm  >> Read full details on our blog  
  United States – Netgain Exploit: Ransomware
Netgain: Data Hosting Provider  >> Read full details on our blog  
  United States – Dental Care Alliance Exploit: Hacking
Dental Care Alliance: Dental Practice Support Organization  >> Read full details on our blog  
  Canada – Parkland Corp. Exploit: Ransomware
Parkland Corp.: Motor Fuel Distributor  >> Read full details on our blog  
  The Netherlands – European Medicines Agency (EMA) Exploit: Hacking (Nation-State)
EMA: International Drug Regulation Authority  >> Read full details on our blog  
  Australia – Epicor Software Exploit: Hacking
Epicor Software: Software Developer  >> Read full details on our blog  
  Taiwan – Foxconn Exploit: Ransomware
Foxconn: Electronics Manufacturer  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 02/12/20 – 08/12/20

Egregor ransomware flies high with hits on everything from retail to infrastructure and manufacturing targets, two plane manufacturers have their wings clipped, a warning about this year’s Amazon phishing scams in the work from home era, and our holiday electronic bookshelf essentials list.

Dark Web ID’s Top Threats This Week

Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Energy & Transportation
Top Employee Count: 1 – 10  
  United States – Greater Baltimore Medical Center Exploit: Ransomware
Greater Baltimore Medical Center: Hospital  >> Read full details on our blog  
  United States – AspenPointe Exploit:  Unauthorized Database Access
AspenPointe: Healthcare Non-Profit  >> Read full details on our blog  
  United States – Philabundance Exploit: Business Email Compromise
Philabundance: Hunger Relief Non-Profit >> Read full details on our blog  
  United States – Kmart Exploit: Ransomware
Kmart: Retail Store Chain  >> Read full details on our blog  
  United States – Alaska Division of Elections Exploit: Hacking
Alaska Division of Elections: State Agency  >> Read full details on our blog  
  Canada – Metro Vancouver Exploit: Ransomware
Metro Vancouver: Public Transportation Authority >> Read full details on our blog  
  Switzerland – Kopter Group Exploit: Ransomware
Kopter Group: Helicopter Manufacturer  >> Read full details on our blog  
  The Netherlands – Randstad Exploit: Ransomware
Randstad: Staffing Firm  >> Read full details on our blog  
  The Netherlands – Royal Dutch Cycling Union Exploit: Ransomware
Royal Dutch Cycling Union: Sport Governing Body  >> Read full details on our blog  
  Australia – Loch Rannoch Highland Club Exploit: Insider Threat (Employee Error)
Loch Rannoch Highland Club: Private Resort  >> Read full details on our blog  
  Brazil – Embraer Exploit: Ransomware
Embraer: Airplane Manufacturer  >> Read full details on our blog  
Categories
The Week in Breach

The Week in Breach: 25/11/20 – 01/12/20

This week:

Baltimore County Public Schools learn a lesson about ransomware and healthcare targets worldwide take security hits. 
  United Kingdom – National Health Service Exploit: Insider Threat (Employee Error)
National Health Service: National Healthcare System  >> Read full details on our blog  
  United States – Baltimore County Public Schools Exploit: Ransomware
Baltimore County Public Schools: School System  >> Read full details on our blog  
  United States – Belden Exploit: Unauthorized Database Access
Belden: Signal Transmission Solutions Manufacturer  >> Read full details on our blog  
  United States – Spotify Exploit: Credential Stuffing
Spotify: Digital Music Streaming Service  >> Read full details on our blog  
  United States – LSU Health New Orleans Exploit: Unauthorized Systems Access
LSU Health New Orleans: Medical System  >> Read full details on our blog  
  United States – Sophos Exploit: Misconfiguration
Sophos: Cybersecurity Provider  >> Read full details on our blog  
  United States – US Fertility Exploit: Ransomware
US Fertility: Specialty Medical Clinic Operator  >> Read full details on our blog  
  Holland – Endemol Shine Group Exploit: Ransomware
Endemol Shine Group: Television Production & Distribution  >> Read full details on our blog  
  Denmark – Ritzau Exploit: Hacking
Ritzau: News Wire Service  >> Read full details on our blog  
  India – IIAM Exploit: Data Theft
IIAM Jobs: Job Search & Listing Provider  >> Read full details on our blog  
  Australia – Law In Order Exploit: Ransomware
Law In Order: Legal Document Services Provider  >> Read full details on our blog