The Week in Breach News: 10/23/24 – 10/29/24
This week: A spate of attacks hits non-profits; a malicious insider wreaks havoc on an Italian bank; see our 6 new non-English training modules; and explore how investments in ransomware defense have impacted businesses from the findings of our Kaseya Cybersecurity Survey Report 2024.
Read this week’s feature story: Investments in Ransomware Resilience Are Paying Off
Give your clients the Cybersecurity Monster Hunter’s Checklist as a fun, Halloween-themed way to help them hunt down cybersecurity weaknesses. GET CHECKLIST>>
Kansas City Hospice & Palliative Care
https://cybernews.com/news/blacksuit-ransomware-claims-kansas-city-hospice
Exploit: Ransomware
Industry: Healthcare
Kansas City Hospice & Palliative Care was added to BlackSuit’s victim list on October 19. While the organization’s website offers no further details, it confirmed launching an investigation with third-party forensic experts to assess the breach. Some systems were impacted, but operations continued without interruption, and the nonprofit is now fully recovered. Founded in 1980, Kansas City Hospice serves 5,700 individuals and families annually and is the largest hospice provider in the region, with over 300 employees and volunteers.
How It Could Affect Your Customers’ Business: A data breach like this is a fast way for an organization to run up big bills that can impact a company’s financial health and future.
Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from often email-based cyberattacks like ransomware in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>
Easterseals
https://therecord.media/easterseals-central-illinois-data-breach
Exploit: Ransomware
Industry: Non-profit
The Rhysida ransomware group has targeted Easterseals, seeking to extort $1.3 million from the organization that supports disabled children, seniors, and military veterans. Although Easterseals has not commented, it filed breach notification documents with Maine regulators, revealing a cyberattack at its Central Illinois location in April. The attack compromised the personal information of 14,855 individuals, including names, addresses, Social Security numbers and medical data. Affected individuals are being offered 12 months of identity protection services. The group has posted Easterseals on its leak site, demanding a 20 bitcoin ransom by October 30.
How It Could Affect Your Customers’ Business: It’s important to remember that even non-profits like charities aren’t immune to cybercrime.
Kaseya to the Rescue: Explore the biggest challenges professionals contended with in 2024 and the impact of AI on cybersecurity in the Kaseya Cybersecurity Survey 2024. GET THE REPORT>>
BronxWorks
https://www.jdsupra.com/legalnews/bronxworks-announces-data-breach-3646094
Exploit: Hacking
Industry: Non-profit
BronxWorks, a non-profit in New York that provides family, legal and health services, filed a data breach notice with the Massachusetts Attorney General after discovering that an unauthorized party accessed employee email accounts. The breach, which occurred between September 1 and October 11, 2023, also involved access to documents stored on SharePoint and OneDrive platforms. Compromised information includes names, Social Security numbers, passport numbers, digital signatures, medical and financial data and driver’s license numbers. BronxWorks has begun notifying affected individuals and is taking steps to address the security incident.
How It Could Affect Your Customers’ Business: Attacks on non-profits can hurt more than just organizations; they can also hurt people.
Kaseya to the Rescue: See how an antiphishing solution that leverages AI and automation can help businesses stop phishing economically. DOWNLOAD EBOOK>>
Arkansas Blue Cross and Blue Shield
Exploit: Supply Chain Breach
Industry: Insurance
Arkansas Blue Cross and Blue Shield is assisting members after a vendor data breach on August 26. Its vendor, Healthmine, discovered unauthorized access to the Blue Wellness Rewards program portal, where a hacker redeemed digital gift cards and accessed members’ personal data, including names, addresses, emails, birth dates, and prescription histories. Social Security numbers and financial information were not compromised. The company reported the incident to law enforcement and hired a forensic firm, and Healthmine disabled affected accounts and blocked suspicious domains.
How It Could Affect Your Customers’ Business: This breach garnered attackers a combination of health and personal data that will be profitable for them and an expensive disaster for the organization.
Kaseya to the Rescue: Our infographic walks you through exactly how security awareness training prevents phishing from hooking unsuspecting employees. DOWNLOAD IT>>
Johnson & Johnson
https://www.securityweek.com/johnson-johnson-discloses-data-breach
Exploit: Hacking
Industry: Insurance
Johnson & Johnson, an insurer unrelated to the pharmaceutical company, disclosed a security breach detected in mid-August 2024. A forensic investigation revealed that files related to its insurance operations may have been compromised, potentially exposing personal information. However, the exact data affected remains unclear. The breach impacted over 3,200 individuals. Johnson & Johnson claims that it has taken steps to strengthen its security following the incident.
How It Could Affect Your Customers’ Business: Insurance companies can be excellent sources of data for bad actors thanks to the multiple data types they tend to hold.
Kaseya to the Rescue: Are you taking advantage of the amazing benefits you get when you combine RocketCyber Managed SOC and Datto EDR? This product brief outlines them all! DOWNLOAD IT>>
Peru – World Vision Perú
https://ransomwareattacks.halcyon.ai/attacks/medusa-ransomware-hits-world-vision-peru-in-cyberattack
Exploit: Ransomware
Industry: Non-Profit
World Vision Perú, a branch of the Christian relief, development, and advocacy organization World Vision, has fallen victim to a ransomware attack orchestrated by the Medusa group. This incident was discovered on October 14. Employee and client information likely exposed in this attack includes full names, passport scans and email addresses. Unspecified confidential business data was also snatched. No ransom demand was made public.
How It Could Affect Your Customers’ Business: A successful cyberattack on a non-profit can have an unfortunate ripple effect on that non-profit’s entire community.
Kaseya to the Rescue: Learn about five ways that businesses may be in danger of trouble from the dark web in an infographic that’s also perfect for sharing on social media! DOWNLOAD IT>>
Switzerland – Berufsbildungszentrum (BBZ)
https://therecord.media/ransomware-attack-german-speaking-school-switzerland-bbz-schaffhausen
Exploit: Ransomware
Industry: Education
The Vocational Training Center (BBZ) in Schaffhausen, Switzerland, suffered a ransomware attack earlier this month, the canton’s education department announced. Cybercriminals exploited a firewall vulnerability and used encryption malware to block system access and demand a ransom. The school has notified employees, parents, trainees and partner companies about the incident, and classes will resume as scheduled after the fall break.
How It Could Affect Your Customers’ Business: Education is the top sector for ransomware attacks, which means that schools need extra protection in place.
Kaseya to the Rescue: Run more effective security awareness and phishing resistance campaigns with this infographic featuring 10 expert tips to maximize your training programs. DOWNLOAD IT>>
Italy – Intesa Sanpaolo
Exploit: Malicious Insider
Industry: Finance
Prosecutors in Bari, Italy, are investigating a data breach at Intesa Sanpaolo, the country’s largest bank, involving unauthorized access to around 3,500 customer accounts, including those of Prime Minister Giorgia Meloni and former Prime Minister Mario Draghi. An employee at a branch in Bitonto allegedly accessed the accounts between February 2022 and April 2024. The bank initiated disciplinary action and a full audit after its internal controls flagged irregular activity. Affected customers had already alerted authorities before the bank notified prosecutors. Intesa issued a public apology on October 13 and established a new security division, led by a recently retired senior police officer.
How It Could Affect Your Customers’ Business: No company wants to think about it, but every business is at risk of trouble from a malicious insider.
Kaseya to the Rescue: A bewildering array of acronyms are used for cybersecurity technologies. This infographic breaks down six of them. DOWNLOAD IT>>
Read this week’s feature story: Investments in Ransomware Resilience Are Paying Off
In this week’s featured blog, we take a deep dive into companies’ experiences with ransomware in the past year. We’ll explore how the ransomware landscape has changed, including the rising cost of ransoms and how smart preparedness and recovery strategies have impacted businesses’ battles with ransomware. READ MORE>>
6 new security awareness training modules in French, Spanish and Portuguese have arrived
As we head into the last part of the year, now is the perfect time to start planning your cybersecurity training programs for 2025. Check out these new training courses that you may want to consider, now available in the BullPhish ID Training Portal:
- Consequences of GDPR release
- EU GDPR for data breach notification for processors
- SIM card swap scam
Six new cybersecurity awareness training videos in French, Spanish and Portuguese have arrived to power up your next round of training. These courses are available now in your BullPhish ID training portal.
- WhatsApp – Almacenamiento Lleno (Spanish)
- WhatsApp – Stockage Plein (French)
- WhatsApp – Armazenamento Cheio (Portuguese)
- Notificação de Senha do Office 365 (Portuguese)
- Notificación de Contraseña de Office 365 (Spanish)
- Notification de Mot de Passe Office 365 (French)
Learn more about these fresh phishing simulations and other BullPhish ID news in the Release Notes. LEARN MORE>>
Download the Kaseya Cybersecurity Survey Report 2024
The cybersecurity landscape is constantly evolving. In the Kaseya Cybersecurity Survey Report 2024, we examine the cybersecurity experiences of our clients. We surveyed IT professionals at a wide variety of businesses about topics like the cyberattacks they’ve faced, the cybersecurity frameworks they use and the advent of artificial intelligence as a major force in cybersecurity – and we’re ready to share the results with you.
In this year’s report, we explore:
- How businesses have fared against cyberthreats like ransomware, phishing and supply chain attacks in the past year
- Trends in governance, budgeting, incident response, purchasing and other areas of cybersecurity management
- The impact of AI on cybercrime and cybersecurity.
Download it now to see all of the important insights! DOWNLOAD THE REPORT>>
October 28 – 30: Kaseya DattoCon (Miami) REGISTER NOW>>
November 12 – 14: Kaseya DattoCon APAC (Sydney) REGISTER NOW>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!