The Week in Breach News: 09/25/24 – 10/01/24
This week: Bad actors bring down MoneyGram; a scary attack on a water utility in Kansas; registration is open for our next Product Innovation Update webinars; and why every business needs a ransomware-specific incident response plan.
Read this week’s feature story: Why You Should Create a Specific Incident Response Plan for Ransomware
What challenges will IT pros face in the second half of 2024? Find out in the Mid-Year Cyber Risk Report. GET IT>>
MoneyGram
https://therecord.media/moneygram-services-restored-after-cyber-incident
Exploit: Hacking
Industry: Finance
MoneyGram, a peer-to-peer payments and money transfer service, has confirmed a cyberattack that took its systems offline starting on September 20, 2024. On September 22, the company informed customers that a network outage was disrupting connectivity to several systems, affecting both in-person and online transactions. In response, MoneyGram launched an investigation into the breach and contacted law enforcement. By the end of the week, the company announced progress in restoring its services, stating that some partners were now able to send and receive money, and pending transactions were being fulfilled.
How It Could Affect Your Customers’ Business: The banking and financial services sector is still a top target for cyberattacks, as it was in 2023.
Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from often email-based cyberattacks like ransomware in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>
MC2 Data
Exploit: Human Error
Industry: Business Services
MC2 Data, a background check company, has reported a data breach caused by human error. Approximately 2.2TB of sensitive data was left unprotected and publicly accessible on the internet, without password protection. The exposed data includes personal information such as names, birthdates, email addresses, phone numbers, passwords, IP addresses, property records and other confidential details. Additionally, information about clients seeking background checks was also compromised. MC2 Data operates several websites, including PrivateRecords.net, PrivateReports, PeopleSearcher, ThePeopleSearchers and PeopleSearchUSA.
How It Could Affect Your Customers’ Business: A data breach can negatively impact a company’s reputation, impacting both business and consumer relationships.
Kaseya to the Rescue: Learn about the factors that have shaped cybersecurity in 2024 and be ready for what’s next with the knowledge you’ll gain from our Midyear Cyber-risk Report 2024. GET REPORT>>
Nationwide Recovery Service
https://www.jdsupra.com/legalnews/nationwide-recovery-service-notifies-7462413
Exploit: Hacking
Industry: Business Services
On September 9, 2024, collections agency Nationwide Recovery Service (NRS) reported a data breach to the U.S. Department of Health and Human Services Office for Civil Rights after discovering unauthorized access to confidential information entrusted to the company. NRS stated that this breach allowed an unauthorized party to obtain sensitive consumer data. Following its investigation into the incident, NRS will begin notifying all individuals whose information was impacted by the security breach through official data breach notification letters.
How It Could Affect Your Customers’ Business: A data breach in a collections agency exposes sensitive client and debtor information, leading to severe financial, legal and reputational damage.
Kaseya to the Rescue: Learn more about the types of data that bad actors sell on the dark web and how they profit from it in The IT Professional’s Guide to Dark Web Defense. DOWNLOAD IT>>
Is building an in-house SOC a smart move? Our whitepaper breaks down the costs. READ IT>>
Ross, Anglim, Angelini & Co.
https://www.jdsupra.com/legalnews/ross-anglim-angelini-co-data-breach-4552790
Exploit: Hacking
Industry: Business Services
On September 26, 2024, accounting firm Ross, Anglim, Angelini & Co., LLP filed a data breach notice with the Massachusetts Attorney General after discovering a security incident that exposed sensitive information in its possession. According to the notice, the breach allowed unauthorized access to client data including sensitive personal data like names and Social Security numbers.
How It Could Affect Your Customers’ Business: A data breach at an accounting firm could expose sensitive client information, including personal and financial data, creating a loss of client trust.
Kaseya to the Rescue: Our infographic walks you through exactly how security awareness training prevents phishing from hooking unsuspecting employees. DOWNLOAD IT>>
Elitecare Emergency Hospital
https://www.hipaajournal.com/elitecare-emergency-hospital-data-breach
Exploit: Hacking
Industry: Healthcare
Elitecare Emergency Hospital in League City, TX, has informed 24,754 patients of a recent cybersecurity breach. Suspicious activity was first detected on July 10, 2024, prompting the hospital to shut down its systems to contain the issue. Third-party cybersecurity specialists were brought in to investigate the incident. By July 17, 2024, it was confirmed that an unauthorized individual had gained access to patients’ protected health information. While the exact data accessed varied by individual, it included personal details such as names, addresses, birthdates, phone numbers, and email addresses, along with potentially sensitive information like health insurance details, medical records, Social Security numbers or driver’s license and government IDs.
How it Could Affect Your Customers’ Business: A data breach at a healthcare provider is an expensive nightmare in both incident response and penalty costs.
Kaseya to the Rescue: Are you taking advantage of the amazing benefits you get when you combine RocketCyber Managed SOC and Datto EDR? This product brief outlines them all! DOWNLOAD IT>>
Michigan Medicine
https://www.aol.com/news/michigan-medicine-reports-years-second-173024448.html
Exploit: Phishing
Industry: Healthcare
Michigan Medicine revealed on Thursday that it has suffered its second cyberattack in just four months. This breach targeted employee email accounts and exposed the protected health information of nearly 58,000 individuals, including names, medical record numbers, and diagnostic or treatment details. The attack occurred on July 30, 2024, when a Michigan Medicine employee mistakenly approved an unsolicited multifactor authentication (MFA) request, granting the attacker access to the employee’s email and its sensitive contents.
How it Could Affect Your Customers’ Business: One mistake handling a phishing message can be a disaster for any organization, but regular training can prevent employees from falling for phishing.
Kaseya to the Rescue: Learn about five ways that businesses may be in danger of trouble from the dark web in an infographic that’s also perfect for sharing on social media! DOWNLOAD IT>>
Arkansas City, Kansas
https://securityboulevard.com/2024/09/city-water-facility-in-kansas-hit-by-cyberattack/
Exploit: Hacking
Industry: Government
The town of Arkansas City, Kansas, experienced a cyberattack on its water utility system. Officials reported a “cybersecurity issue” at the water treatment facility on September 22, and precautionary measures were implemented to secure the plant. This included switching to manual operations while the issue was being addressed. Despite the incident, there has been no disruption to water services, and officials confirmed that the water supply remains entirely safe for residents to consume.
How it Could Affect Your Customers’ Business: cyberattacks on infrastructure are a growing problem that everyone needs to worry about to preserve public safety.
Kaseya to the Rescue: Run more effective security awareness and phishing resistance campaigns with this infographic featuring 10 expert tips to maximize your training programs. DOWNLOAD IT>>
See the keys to selecting a Managed SOC to find the perfect one for your clients & your MSP. GET CHECKLIST>>
The Netherlands – Dutch National Police
https://www.politico.eu/article/dutch-police-officers-details-stolen-hack-cyberattack-netherlands/
Exploit: Hacking
Industry: Government
In a recent cyberattack, the names of all Dutch police officers were stolen, along with their work-related contact details. According to a spokesperson, the hackers gained access to this sensitive information through a compromised email account. The stolen data may include names, email addresses, and phone numbers. The incident is currently under investigation by the police, and the Dutch data protection authority has been notified. The Dutch national police force comprises approximately 62,000 officers.
How it Could Affect Your Customers’ Business: The type of information stolen in this incident can be used for blackmail and other dangerous purposes.
Kaseya to the Rescue: A bewildering array of acronyms are used for cybersecurity technologies. This infographic breaks down six of them. DOWNLOAD IT>>
Find out about five of today’s biggest dark web threats to businesses in this infographic. DOWNLOAD IT>>
Feature Story: Why You Should Create a Specific Incident Response Plan for Ransomware
In this week’s feature, we take a look at why companies should create and drill a tailored incident response plan for ransomware and how it helps companies save money and bounce back faster.
Register now for our next Product Innovation Update webinars
Are you ready to see what is next for BullPhish ID, Dark Web ID, Graphus and RocketCyber? Join our product managers to learn about new time-saving product integrations and the latest features and enhancements, including mini demos of the most exciting features. Reserve your seat now for these upcoming product update webinars.
- ID Agent & Graphus Product Innovation Update webinar:
- October 8, 2024, at 11 AM ET REGISTER HERE>>
- RocketCyber & Datto EDR Product Innovation Update webinar:
- December 3, 2024, at 10 AM ET REGISTER HERE>>
Learn more about growing supply chain risk for businesses and how to mitigate it in a fresh eBook. DOWNLOAD IT>>
Get your Comprehensive Guide to Email-based Cyberattacks
Email is the leading entry point for cyberattacks across all industries. However, businesses can reduce their vulnerability by implementing proactive measures. A strong defense can be built by understanding attackers’ tactics and crafting an effective strategy to counter them.
- Learn about many varieties of email-based cyberattacks.
- Explore how employees get caught in cybercriminals’ traps.
- Get actionable insights to help you protect businesses from trouble.
Did you miss…the infographic Upgrade Your Business’ IT Defense with RocketCyber? DOWNLOAD IT>>
See why choosing a smarter SOC is a smart business decision. DOWNLOAD AN EBOOK>>
Are you ready for Kaseya DattoCon Miami?
October 28 – 30, 2024 | Fontainebleau, Miami Beach, FL
Get ready for Kaseya DattoCon in Miami! This exciting event is your chance to boost your security expertise and gain valuable technical insights from top industry experts. Network with peers and meet influential leaders in the field. You’ll return to the office with actionable strategies to implement right away. Here’s why you can’t miss DattoCon Miami, where you will:
- Learn about industry trends from Kaseya CEO Fred Voccola, industry experts, and special guests.
- Engage with peers and experts in sessions focused on IT business, cybersecurity, automation, sales and marketing.
- Become a Kaseya Certified Administrator by the end of the event.
- Celebrate at the DattoCon Awards, recognizing innovation and excellence in IT.
Plus, Halloween-themed fun and an amazing announcement will round out the schedule of events. REGISTER NOW>>
October 17: Kaseya+Datto Connect Local Washington D.C. REGISTER NOW>>
October 28 – 30: Kaseya DattoCon (Miami) REGISTER NOW>>
November 12 – 14: Kaseya DattoCon APAC (Sydney) REGISTER NOW>>
Explore how AI technology helps businesses mount a strong defense against phishing GET INFOGRAPHIC>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!