The Week in Breach News: 08/14/24 – 08/20/24
This week: Human error leads to two big data breaches; hackers hit an influential newspaper as U.S. election season moves into high gear; exploring industry-specific case studies and why half of employees fear reporting a cybersecurity blunder.
What challenges will IT pros face in the second half of 2024? Find out in the Mid-Year Cyber Risk Report. GET IT>>
Specialty Networks
Exploit: Hacking
Specialty Networks: Medical Business Services Provider
Specialty Networks, a radiology information systems provider based in Chattanooga, Tennessee, reported a data breach that may have exposed the personal health information of current and former patients. The breach, first detected on December 18, involved unauthorized access to data including names, Social Security numbers, medical records and more. The company has since secured its network and is notifying those affected while taking steps to prevent future incidents.
How It Could Affect Your Customers’ Business: In addition to the big bills this company faces for investigation and recovery, it is likely to incur big fines from regulators.
Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from often email-based cyberattacks like ransomware in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>
Flint, Michigan
Exploit: Ransomware
Flint, Michigan: Municipal Government
The city of Flint, Michigan, is working to restore network systems after a ransomware attack on August 14 that disrupted payment and communication services. The attack affected the city’s billing system, halting online and credit card transactions for water, sewer, and tax payments, but emergency services like 911 were unaffected. No late fees or water shutoffs will occur during the outage. The attack also impacted GIS maps and email services, though public health services remain fully operational.
How It Could Affect Your Customers’ Business: Beyond snarling services like bill paying or licensing, attacks against municipal governments can be dangerous for the local community.
Kaseya to the Rescue: Learn about the factors that have shaped cybersecurity in 2024 and be ready for what’s next with the knowledge you’ll gain from our Midyear Cyber-risk Report 2024. GET REPORT>>
The Washington Times
https://cybernews.com/news/washington-times-ransomware-attack-rhysida-claim/
Exploit: Ransomware
The Washington Times: Newspaper
The Washington Times, an influential U.S. newspaper, was reportedly compromised by the Rhysida ransomware group, which listed the paper as a victim on its dark web blog. The group claims to be auctioning the Washington Times’ “exclusive” data, including corporate files and employee documents, for 5 bitcoins (approximately $304,518) with a seven-day deadline to start the auction.
How It Could Affect Your Customers’ Business: During election season cyberattack danger ramps up for a wide variety of organizations including newspapers, campaign PAC and party websites and think tanks.
Kaseya to the Rescue: Learn more about the types of data that bad actors sell on the dark web and how they profit from it in The IT Professional’s Guide to Dark Web Defense. DOWNLOAD IT>>
FlightAware
https://readwrite.com/flightaware-data-leak/
Exploit: Misconfiguration
FlightAware: Technology Company (Apps)
Popular flight tracking app FlightAware has informed users that it recently experienced a data breach. On July 25, 2024, FlightAware discovered a configuration error that may have exposed personal information from user accounts, including user IDs, passwords, email addresses, and potentially full names, addresses, credit card details and account activity.
How It Could Affect Your Customers’ Business: Even a small mistake in configuration can result in a big mess for a company, but training can help reduce employee errors.
Kaseya to the Rescue: Are you taking advantage of the amazing benefits you get when you combine RocketCyber Managed SOC and Datto EDR? This product brief outlines them all! DOWNLOAD IT>>
Canada – AutoCanada
https://www.scmagazine.com/news/rhysida-ransomware-hits-sumter-county-sheriff-in-latest-ci-attack
Exploit: Ransomware
Sumter County Sheriff: Law Enforcement
The Sumter County Sheriff’s Office in Florida has been targeted by the Rhysida ransomware group, which has threatened to release stolen data including ID scans and fingerprints. The Sheriff’s Office disclosed the attack on Tuesday, stating that while law enforcement operations will not be affected, access to some records may be limited during the investigation. The Rhysida group posted the breach on its leak site Friday, with a seven-day countdown for bidding on the stolen data, starting at 7 bitcoins (approximately $423,000).
How it Could Affect Your Customers’ Business: This is another major blow for car dealers that are just starting to bounce back from a supply chain attack earlier this year.
Kaseya to the Rescue: Our infographic walks you through exactly how security awareness training prevents phishing from hooking unsuspecting employees. DOWNLOAD IT>>
Learn about the top cyber threats K-12 schools face and how to mitigate them. DOWNLOAD INFOGRAPHIC>>
Chile – Caja Los Andes
Exploit: Misconfiguration
Caja Los Andes: Pension and Social Security Fund
On July 4th, a massive data leak at Caja Los Andes, Chile’s largest Family Allowance Compensation Fund, exposed the private information of 10 million Chileans—over half the country’s population. The leak occurred due to an unsecured Apache Cassandra database, leaving names, addresses, birthdates, phone numbers, and credit details accessible online. Although the fund had over four million members in 2023, the breach affected data for more than twice that number.
How it Could Affect Your Customers’ Business: This is a huge score of profitable data for bad actors, and they get to scoop it up without doing any work because of employee errors.
Kaseya to the Rescue: Learn about five ways that businesses may be in danger of trouble from the dark web in an infographic that’s also perfect for sharing on social media! DOWNLOAD IT>>
France – The Grand Palais
Exploit: RansomwareT
The Grand Palais: Sports Arena
The Grand Palais in Paris, a key venue for the 2024 Summer Olympics, was targeted by a cyberattack in early August 2024. Hackers infiltrated its digital systems, accessing sensitive financial data and demanding a ransom in cryptocurrency. The Paris 2024 Olympics organizing committee, alongside cybersecurity experts and law enforcement, acted swiftly to secure the compromised systems and implement safeguards to prevent further attacks.
How it Could Affect Your Customers’ Business: High-profile events and the organizations associated with them make juicy targets for bad actors because it makes it easy for them to add time pressure.
Kaseya to the Rescue: Run more effective security awareness and phishing resistance campaigns with this infographic featuring 10 expert tips to maximize your training programs. DOWNLOAD IT>>
Germany – Rödl Management, Inc.
Exploit: Hacking
Rödl Management, Inc.: Business Service Provider
On August 12, 2024, Rödl Management, Inc. reported a data breach affecting Jamestown, L.P. and JT Tax Services L.P. After discovering unauthorized access to its computer network, Rödl determined that sensitive consumer information, including names and Social Security numbers, was compromised. The breach occurred between January 30 and February 9, 2024, and Rödl has since notified affected individuals and involved federal law enforcement.
How it Could Affect Your Customers’ Business: A cybersecurity incident at a supplier or service provider can be a problem for that company’s customers too.
Kaseya to the Rescue: There are a bewildering array of acronyms used for cybersecurity technologies. This infographic breaks down six of them. DOWNLOAD IT>>
Is building an in-house SOC a smart move? Our whitepaper breaks down the costs. READ IT>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a range of factors for each incident
Find out about five of today’s biggest dark web threats to businesses in this infographic. DOWNLOAD IT>>
Are you making the most of our case studies?
Our case studies give decision-makers a look inside how a solution might work for their organization, making it easier to move the needle from “skeptical” to “yes”. Check out these industry-specific case studies.
Hospitality: Crystal Mountain Resort – An uptick in cyberattacks in their sector illuminated the need to be prepared.
Finance: Pioneer Bank – Steady growth also brought cybersecurity challenges including regulatory hurdles to overcome.
Energy: Novum Energy – Sought ways to maximize operational efficiency and security while supporting far-flung offices.
See more RocketCyber and ID Agent case studies.
Maximize your security awareness training program
Regular, thorough security awareness training that includes phishing simulations is a must-have for every business. Is your security awareness training program covering all of the bases? Our checklist offers you 10 tips to help you make sure that you haven’t missed anything and that you’re getting the most out of your security awareness training solution! GET THE CHECKLIST>>
Did you miss… The Midyear Cyber Risk Report 2024? DOWNLOAD IT>>
See why choosing a smarter SOC is a smart business decision. DOWNLOAD AN EBOOK>>
Half of Employes Fear Reporting Mistakes
In the fast-paced world of cybersecurity, mistakes are inevitable. Yet, when these errors occur, many employees hesitate to report them. An estimated 50% of employees are afraid to report their cybersecurity errors because they dread the repercussions. This reluctance can have serious consequences for organizations, potentially allowing small issues to snowball into major security breaches. Understanding why employees are afraid to report mistakes and how to create an environment that encourages transparency is crucial for strengthening a company’s cybersecurity posture.
What challenges will IT pros face in the second half of 2024? Find out in the Mid-Year Cyber Risk Report. GET IT>>
Why Employees Stay Silent
There are a variety of reasons why employees may fear reporting a cybersecurity problem, especially if it is because of an error made by themselves or a coworker.
Fear of repercussions: One of the most common reasons employees avoid reporting cybersecurity mistakes is the fear of punishment. In many organizations, even simple errors are met with disciplinary actions, such as reprimands, demotion or even termination. The fear of losing their job or damaging their career can be overwhelming, leading them to hope that the issue resolves itself or goes unnoticed. This fear is not unwarranted. Forbes Magazine noted that 26% of employees who lost jobs in a one-year period were fired for making a cybersecurity blunder. It must be clear to everyone up front that reporting a cybersecurity issue will not result in disciplinary action or termination.
Shame and embarrassment: Making a mistake, especially in a critical area like cybersecurity, can be embarrassing. Employees may worry about being judged by their peers or managers, feeling that admitting an error would make them appear incompetent or untrustworthy. Managers, who are twice as likely to fall for phishing as employees, may be embarrassed. This sense of shame can be a powerful deterrent, keeping them from coming forward with valuable information.
Lack of awareness: Some employees might not fully understand the implications of their actions. They might think that the mistake they made is too minor to report, not realizing that even small errors can open the door to significant security risks. This lack of awareness can lead to underreporting or completely ignoring potential issues.
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
Unclear reporting procedures: If employees don’t know how or where to report cybersecurity mistakes, they are less likely to do so. Complicated or unclear reporting processes can be a major barrier. In some cases, employees may be uncertain whether what they’ve done even qualifies as a mistake that needs reporting.
Limited understanding of why reporting matters: Non-tech employees may not fully grasp why they should report security gaffes immediately, a circumstance that can lead to a problem quickly. Almost 40% of workers think that only executives and security teams are supposed to be focused on security practices.
Cultural barriers: In some organizations, a culture of perfectionism or an overly hierarchical structure can make employees feel that admitting mistakes is unacceptable. When a company’s culture values flawless performance over learning and improvement, employees may fear that any admission of error will be seen as a sign of weakness.
Learn to defend against today’s sophisticated email-based cyberattacks DOWNLOAD EBOOK>>
7 Keys to Encouraging a Culture of Transparency
Creating an environment where employees feel comfortable reporting cybersecurity mistakes is essential for minimizing risks and improving overall security. The Verizon Data Breach Investigations Report 2024 notes that about one-quarter of data breaches are caused by employee errors. These tips can help businesses foster a healthy cybersecurity culture.
- Safety: Encourage a culture where mistakes are seen as learning opportunities rather than failures. Management should emphasize that it’s better to report a mistake immediately than to hide it. Reinforcing the idea that everyone makes mistakes and that reporting them can help prevent bigger issues, will make employees feel safer about coming forward.
- Empowerment: Ensure that all employees know exactly what constitutes a reportable incident and how to report cybersecurity incidents and mistakes. The process should be straightforward and accessible, with clear guidelines on what constitutes a reportable event. Regular training sessions can help reinforce these procedures.
- Kindness: Don’t berate or embarrass an employee who reports a cybersecurity problem. This may seem self-evident, but in the stress and hurry of fixing a cybersecurity mistake, it is far too easy for management or tech employees to react to the problem with hostility or make the employee who made and reported the error feel stupid.
- Education: Regularly educate employees on the importance of cybersecurity and the potential consequences of unreported mistakes. Understanding the broader impact of their actions can motivate employees to be more vigilant and proactive in reporting issues. It is vital that cybersecurity awareness training is not used as a punishment for employees who report mistakes. ISACA recommends cybersecurity awareness training every four to six months. According to their research, at four months after initial training, employees are still able to spot phishing emails, but after six months, they start to forget what they have learned.
- Leadership: Leaders play a crucial role in setting the tone for the organization in every area. When leaders are transparent about their own mistakes and openly discuss how they’ve learned from them, it encourages employees to do the same. This openness at the top can cascade throughout the company, fostering a culture of trust and honesty.
- Reassurance: Introduce anonymous reporting. In some cases, allowing employees to report mistakes anonymously can help reduce fear. An anonymous reporting system can serve as a safety net for those who are too afraid to come forward otherwise. While this shouldn’t replace open communication, it can be a valuable tool in encouraging reporting.
- Rewarding: Offer incentives for reporting. Recognize and reward employees who report mistakes, especially when their actions help prevent larger security breaches that end in an expensive cyberattack or data breach. Positive reinforcement can go a long way in shifting the company culture toward one that values transparency.
Cybersecurity is a team effort, and the sooner mistakes are reported, the easier they are to manage. By understanding the reasons behind employees’ fear of reporting and taking steps to address those concerns, organizations can create a more secure and resilient environment. Transparency, education, understanding and support are key to helping employees overcome the fear that they will get in trouble or even lose their job for reporting mistakes. Getting everyone on the same page about the importance of reporting cybersecurity mistakes will ultimately lead to a stronger cybersecurity posture for the entire company.
See why choosing a smarter SOC is a smart business decision. DOWNLOAD AN EBOOK>>
Kaseya’s Security Suite Helps Businesses Mitigate All Types of Cyber Risk Affordably
Kaseya’s Security Suite has the tools that MSPs and IT professionals need to mitigate cyber risk effectively and affordably with automations and AI-driven features that make IT professionals’ lives easier.
BullPhish ID: This effective, automated security awareness training and phishing simulation solution provides critical training that improves compliance, prevents employee mistakes and reduces a company’s risk of being hit by a cyberattack.
Dark Web ID: Our award-winning dark web monitoring solution is the channel leader for good reason. It provides the greatest amount of protection around with 24/7/365 human- and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses.
Graphus – Graphus is a cutting-edge, automated antiphishing solution that puts three layers of AI-powered protection between employees and phishing messages. It supercharges your Microsoft 365 and Google Workspace email security to catch threats conventional security might miss including Zero Days and AI-enhanced malicious messages.
RocketCyber Managed SOC: Our managed detection and response (MDR) solution is backed by a world-class security operations center that detects malicious and suspicious activity across three critical attack vectors: endpoint, network and cloud.
Datto EDR: Detect and respond to advanced threats with built-in continuous endpoint monitoring and behavioral analysis to deliver comprehensive endpoint defense (something that many cyber insurance companies require).
Datto AV: Safeguard businesses effortlessly against sophisticated cyberthreats, including zero-days and ransomware, with AI-driven, next-generation antivirus protection that is over 99% effective, far surpassing the industry average.
Learn more about our security products, or better yet, take the next step and book a demo today!
Making Money with MDR
August 28, 2024 | 1 PM ET | 10 AM PT
Are you an MSP who is looking for ways to make more money? MSPs looking to expand their services and boost their revenue should consider offering Managed Detection and Response (MDR) services. Join Chris McKie, Kaseya’s VP of Product Marketing, Networking and Security Solutions, for a profitable webinar. In this session you’ll learn:
- How MDR can enhance your offerings
- The ways that MDR improves security for your clients
- Why MDR is a smart choice for boosting your revenue
August 22: Kaseya+Datto Local Symposium Long Branch REGISTER NOW>>
August 28: Kaseya+Datto Connect Local New York REGISTER NOW>>
September 5: Phish or Legit? Put Your Phishing Detection Skills to the Test REGISTER NOW>>
September 12: Kaseya+Datto Connect Local Milton Keynes, UK REGISTER NOW>>
September 17: Kaseya+Datto Connect Local Los Angeles REGISTER NOW>>
September 19: Kaseya+Datto Connect Local The Netherlands REGISTER NOW>>
October 28 – 30: Kaseya DattoCon (Miami) REGISTER NOW>>
November 12 – 14: Kaseya DattoCon APAC (Sydney) REGISTER NOW>>
Read case studies of MSPs and businesses that have conquered challenges using Kaseya’s Security Suite. SEE CASE STUDIES>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!