A Florida municipal water plant breach raises alarm, ransomware impacts hospital care in France, our special look at 3 ways that MSPs and SMBs can work together to fight ransomware plus how to make a battle plan for your MSP’s charge to greater profit!
Read the full article from the news source at IDAgent.
United States – Syracuse University
SU data breach exposes nearly 10,000 names, Social Security numbers
Exploit: Unauthorized Access to Email
Syracuse University: Institution of Higher Learning
Risk to Business: 2.379 = Severe
An unknown party gained unauthorized access to an employee’s email account at Syracuse University. The university launched an investigation with a third party firm that determined in early January that emails and attachments in the account that had been improperly accessed did contain names and Social Security numbers of students, and those affected who have been informed by letter.
Individual Risk: 1.347 = Severe
Impacted students may have had names and Social Security numbers exposed. officials aren’t clear on how much data was stolen or who may have taken it. Students should be alert to potential identity theft or spear phishing attempts
Customers Impacted: 10,000
How it Could Affect Your Customers’ Business: Data like this is a currency on the Dark Web, and it can hang around for years acting as fuel for future cybercrime like phishing.
ID Agent to the Rescue: Watch for threats from the Dark Web without lifting a finger using Dark Web ID, 24/7/365 credential monitoring that alerts you to trouble fast. LEARN MORE>>
United States – Chess.com
Vulnerability in Chess.com allowed access to 50 Million user records
Exploit: Security Vulnerability
Chess.com: Gaming and Resource Site
Risk to Business: 2.211 = Severe
Security researchers found a critical bunch of vulnerabilities in chess.com’s API. The flaws could have been exploited to access any account on the site. They could also be used to gain full access to the site through its administrator panel. The website quickly fixed the problem after they were informed. There’s no current evidence that it was accessed by bad actors before it was patched.
Customers Impacted: 50 million
How it Could Affect Your Customers’ Business Security vulnerabilities can lead companies down dangerous paths and expose them to unexpected risks. Building a strong security culture helps make sure everyone is on the same page when it comes to data protection.
ID Agent to the Rescue: Get The Road to Cyber Resilience to learn strategies and solutions that can make your business bounce back faster from cybersecurity failures. READ THE BOOK>>
United States – Nebraska Medicine
https://apnews.com/article/technology-data-privacy-nebraska-94d8a76d2b772a3014773023c989d71a
Exploit: Malware
Nebraska Medicine: Health System
Risk to Business: 1.663 = Severe
Nebraska Medicine and the University of Nebraska Medical Center have begun notifying patients and employees whose personal information may have been compromised in a breach in late 2020. Bad actors gained access to Nebraska Medicine and UNMC’s shared network using unnamed malware. The breach led to the interruption of some services including the postponement of patient appointments and required staff in the system’s hospitals and clinics to chart by hand.
Individual Risk: 2.101 = Severe
Nebraska Medicine officials say that the incident did not result in unauthorized access to the health system’s shared electronic medical record application. However, an unspecified number of records that included information such as names, addresses, health insurance data, Social Security numbers and clinical information was compromised. Patients and employees should carefully watch for identity theft, spear phishing or fraud attempts using this data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware isn’t the only kid on the block when it comes to causing a data breach – many types of malware are available for bad actors to use, and they can do devastating damage without the ransom.
ID Agent to the Rescue: Read our Security Awareness Champion’s Guide, for a complete walkthrough of today’s nastiest cyberattacks and the tricks that cybercriminals conduct them. GET THE BOOK>>
United States – Oldsmar Water Treatment Plant
Florida Water Plant Hack: Leaked Credentials Found in Breach Database
Exploit: Credential Compromise
Oldsmar Water Treatment: Municipal Water System Plant
Risk to Business: 2.022 = Severe
In an attack that made national headlines, bad actors are suspected of using stolen credentials to access operational systems at a Florida wastewater treatment plant. The attackers likely used remote access software to enter the operations system with the intent of changing the level of sodium hydroxide, more commonly known as lye, in the water from 100 parts per million to 11,100 parts per million. Other systems detected the chemical change and stopped it before anyone was hurt. Officials suspect that the compromised credentials may have been part of a huge 2017 data dump.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Recycled, reused, and weak passwords can cause trouble for years, and that’s especially dangerous when they give access to critical infrastructure like this.
ID Agent to the Rescue: Passly is an essential protection for every business, adding multifactor authentication that stops more than 90% of password-based cyberattacks. SEE IT IN ACTION>>
Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>
Canada – Canadian Discount Car and Truck Rentals
DarkSide Ransomware gang hits Canadian rental car company
Exploit: Ransomware
Canadian Discount Car and Truck Rentals: Vehicle Rental Company
Risk to Business: 1.668 = Severe
The DarkSide ransomware gang claims to have stolen 120 GB of data from Canadian Discount Car and Truck Rentals. The snatched data includes marketing, finance, account, banking and franchisee information. The company’s clients are also unable to book or manage rentals online.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware usually means phishing, today’s top threat to businesses. Every company can be hit by ransomware at any time. Employee training is vital to guard against this threat.
ID Agent to the Rescue: BullPhish ID is newly updated and upgraded to provide top-tier training that’s user-friendly for everyone involved. LEARN MORE IN THIS WEBINAR>>
Want to Borrow Our Sales and Marketing Teams? OK!
Get expert sales and marketing help to power up your MSP in a flash with Powered Services Pro. LEARN MORE>>
France – Dax-Cote de Argent Hospital
https://portswigger.net/daily-swig/dax-cote-dargent-hospital-in-france-hit-by-ransomware-attack
Exploit: Ransomware
Dax-Cote de Argent Hospital: Medical Center
Risk to Business: 1.413 = Severe
A suspected Egregor ransomware attack has caused significant operational disruption at French medical center Dax-Cote de Argent Hospital. Staff were resorting to pen and paper for records, phone systems were knocked out of operation and critical departments including radiotherapy care were severely disrupted. Officials at the hospital system, which has six sites and around 1,000 beds, were quoted as saying that restoration of normal operations could be several weeks away.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is lurking around every corner, and it can have severe impacts on every organization, resulting in everything from stolen data to near-complete operational shutdown.
ID Agent to the Rescue: In our eBoom Ransomware 101, learn how to spot and stop ransomware and add essential defenses against future attacks before it impacts your business. GET THE EBOOK>>
France – Mutuelle Nationale des Hospitaliers (MNH)
https://www.bleepingcomputer.com/news/security/french-mnh-health-insurance-company-hit-by-ransomexx-ransomware/
Exploit: Ransomware
Mutuelle Nationale des Hospitaliers (MNH): Insurance Company
TECHNOLOGY SOLUTIONS FROM JK CONSULTING
JK Consulting is a Chicago-Based IT Consulting Company with over 100 years of combined engineering experience. Our Managed Services program rivals some of the best in the business for half the cost.
Our mission is to provide the highest quality service and solutions to businesses and individuals alike with the ability to work with any budget. We have built a team of support professionals with website, hardware, software and network experience in both the corporate and residential markets. We’ve also integrated our services into more than 30 different commercial markets.