The Week in Breach News: 10/02/24 – 10/08/24
This week: A data breach causes frightful trouble for a horror game studio; a cyberattack strikes Michigan’s largest county, new functionality allows embedding YouTube videos in BullPhish ID; and insights into building their customers’ cyber resilience for managed services providers (MSPs).
Read this week’s feature story: How MSPs Can Help Customers Build Cyber Resilience for Cybersecurity Awareness Month
What challenges will IT pros face in the second half of 2024? Find out in the Mid-Year Cyber Risk Report. GET IT>>
Wayne County, Michigan
https://therecord.media/detroit-wayne-county-services-impacted-cyberattack
Exploit: Ransomware
Industry: Government
Wayne County, Michigan is dealing with a cyberattack that has shut down all government websites and limited the operations of several offices. Corrections officers within the Wayne County Sheriff’s Office have struggled to process inmates, the Wayne County Treasurer’s Office has had issues collecting taxes online and the Wayne County Register of Deeds Office closed early on Wednesday. Impacted services have been transitioned to backup processes to maintain operations, and the county expects to have services restored soon.
How It Could Affect Your Customers’ Business: Governments and government agencies at every level are prime targets for ransomware and other cyberattacks.
Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from often email-based cyberattacks like ransomware in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>
Ward Transport & Logistics
https://www.jdsupra.com/legalnews/ward-transport-sends-data-breach-7863091
Exploit: Hacking
Industry: Transportation
Trucking company Ward Transport & Logistics reported a data breach to the Massachusetts Attorney General on October 2. The company said that it discovered unauthorized access to sensitive employee data. The information exposed may include, names, Social Security numbers, financial details, medical records and driver’s license numbers. The company has since notified affected individuals.
How It Could Affect Your Customers’ Business: A data breach can negatively impact a company’s reputation, impacting both business and consumer relationships.
Kaseya to the Rescue: Learn about the factors that have shaped cybersecurity in 2024 and be ready for what’s next with the knowledge you’ll gain from our Midyear Cyber-risk Report 2024. GET REPORT>>
Casino Fandango
https://www.jdsupra.com/legalnews/casino-fandango-files-official-notice-2679576
Exploit: Hacking
Industry: Hospitality
Casino Fandango reported a data breach to the Montana Attorney General on September 23, 2024, after discovering unauthorized access to its network. The company said that sensitive consumer information had been compromised in the incident but did not specify the exact nature of the exposed data. The breach occurred between June 8 and June 13, 2024. Following the incident, the company secured its systems, notified law enforcement, and began notifying affected individuals.
How It Could Affect Your Customers’ Business: Casinos around the world have had major trouble with cybercrime in the past two years
Kaseya to the Rescue: Learn more about the types of data that bad actors sell on the dark web and how they profit from it in The IT Professional’s Guide to Dark Web Defense. DOWNLOAD IT>>
Is building an in-house SOC a smart move? Our whitepaper breaks down the costs. READ IT>>
Fortinet
https://www.dmnews.com/fortinet-confirms-data-breach-files-stolen/
Exploit: Hacking
Industry: Technology
Fortinet confirmed a data breach after a hacker calling themselves “Fortibitch” claimed to have stolen 440GB of files from the company’s SharePoint server. Fortinet said that the breach involved unauthorized access to a limited number of files from a third-party cloud-based drive, affecting less than 0.3% of Fortinet’s customers. The company has communicated with impacted customers and stated there was no malicious activity, ransomware or encryption involved. Fortinet’s operations and services remain unaffected.
How It Could Affect Your Customers’ Business: Every business of every size in any industry can experience a data breach or cyberattack.
Kaseya to the Rescue: Our infographic walks you through exactly how security awareness training prevents phishing from hooking unsuspecting employees. DOWNLOAD IT>>
Great People
https://www.jdsupra.com/legalnews/find-great-people-data-breach-affects-7132415
Exploit: Hacking
Industry: Business Services
Human resources consulting firm Find Great People has reported a data breach to the Maine Attorney General. The company said that it had discovered unauthorized access to its network. In the intrusion, bad actors stole sensitive information about job seekers such as names, addresses, Social Security numbers, financial details and medical information. The company has since notified affected individuals.
How it Could Affect Your Customers’ Business: An intrusion at an employment agency or job placement firm can be very profitable for a bad actor.
Kaseya to the Rescue: Are you taking advantage of the amazing benefits you get when you combine RocketCyber Managed SOC and Datto EDR? This product brief outlines them all! DOWNLOAD IT>>
Learn how to spot today’s most dangerous cyberattack & get defensive tips in Phishing 101 GET EBOOK>>
Red Barrels
https://cybernews.com/security/red-barrel-major-data-breach-delays
Exploit: Hacking
Industry: Entertainment
Canada-based game studio Red Barrels, creator of the popular horror game “Outlast”, has disclosed that it experienced a data breach October 2. Apparently, threat actors were able to access some of its data. The company assured players that their information hasn’t been compromised. However, the company acknowledged that the incident will have a significant impact on internal processes that will cause delays in the development and release of new games or content for existing games. A gang calling themselves Nitrogen has claimed responsibility for the hack, claiming they stole 1.8TB of data from the company, including invoices, company info and game mock-ups.
How it Could Affect Your Customers’ Business: A cyberattack can lead to more than just data theft including a ripple effect of damage and negative consequences.
Kaseya to the Rescue: Learn about five ways that businesses may be in danger of trouble from the dark web in an infographic that’s also perfect for sharing on social media! DOWNLOAD IT>>
See what the biggest cybersecurity challenges are right now in our Mid-Year Cyber Risk Report 2023. DOWNLOAD IT>>
France – Agence France-Presse (AFP)
Exploit: Hacking
Industry: Media
Agence France-Presse (AFP) has reported a potential data breach to French regulators following a recent cyberattack that impacted its news delivery service. AFP has not provided details on whether customer data was compromised, but reports suggest that FTP server credentials may have been affected. The French data protection agency, CNIL, is investigating the breach, and the nature of the attack remains unknown.
How it Could Affect Your Customers’ Business: A cyberattack on a major news service could be garden-variety cybercrime or something more sinister.
Kaseya to the Rescue: Run more effective security awareness and phishing resistance campaigns with this infographic featuring 10 expert tips to maximize your training programs. DOWNLOAD IT>>
See the keys to selecting a Managed SOC to find the perfect one for your clients & your MSP. GET CHECKLIST>>
Australia – Bloom Hearing Specialists
https://www.politico.eu/article/dutch-police-officers-details-stolen-hack-cyberattack-netherlands/
Exploit: Ransomware
Industry: Healthcare
Bloom Hearing Specialists has disclosed a ransomware attack that may have exposed the sensitive data of thousands of customers. The exposed data may include a patient’s bank details, records and insurance information. The clinic said that it is investigating the incident in concert with the local authorities. Some or all of the stolen data may soon be published on the dark web. Bloom Hearing Specialists has over 200 locations in Australia and New Zealand.
How it Could Affect Your Customers’ Business: This could be a profitable score for bad actors but it will be an expensive nightmare for the healthcare provider.
Kaseya to the Rescue: A bewildering array of acronyms are used for cybersecurity technologies. This infographic breaks down six of them. DOWNLOAD IT>>
Find out about five of today’s biggest dark web threats to businesses in this infographic. DOWNLOAD IT>>
Read this week’s feature story : How MSPs Can Help Customers Build Cyber Resilience for Cybersecurity Awareness Month
As Cybersecurity Awareness Month 2024 unfolds, it’s the perfect time for MSPs to help customers strengthen their cyber resilience in the face of evolving threats like ransomware, phishing and AI-driven cyber threats – and these 12 tips with help you get started.
Embed YouTube videos in custom training courses
Ready to spice up your cybersecurity awareness training? Now when you create a custom training course, make it even more effective by adding a content item for a YouTube video from your YouTube account. Just add the URL to the field provided when you create a new training course. Get all the details in the BullPhish ID release notes. READ MORE>>
Learn more about growing supply chain risk for businesses and how to mitigate it in a fresh eBook. DOWNLOAD IT>>
Download a new eBook:The Anti-phishing Email Security Buyer’s Guide
Phishing is the most prevalent cyber threat that businesses face today, and one of the most dangerous. Many seriously damaging cyberattacks, such as ransomware and business email compromise (BEC), often begin with a phishing email. Blocking phishing messages from reaching employees is crucial to reducing the risk of cyberattacks and data breaches. But it’s a daunting task. We can help.
In our new eBook The Anti-phishing Email Security Buyer’s Guide, you’ll learn:
- Effective strategies for preventing phishing emails from reaching your employees.
- The importance of adopting a multilayered approach to phishing protection.
- How to effortlessly mitigate phishing risks.
- Key features to look for in an anti-phishing solution.
Did you miss…the infographic The Top Cyberthreats Schools Face and How to Stop Them? DOWNLOAD IT>>
See why choosing a smarter SOC is a smart business decision. DOWNLOAD AN EBOOK>>
Stay Ahead of Cyberthreats: Exclusive Findings from Kaseya’s 2024 Cybersecurity Survey
October 17, 2024 | 1 PM ET / 10 AM PT
Our 2024 Kaseya Cybersecurity Survey Report offers key insights on AI’s impact, phishing trends and ransomware – and you can be among the first to hear about them! Join our webinar to explore these findings including:
- The growing role of AI for both threat actors and defenders
- How user behavior has emerged as a major challenge and how to address it
- Data-backed insights on how to prepare for 2025 and beyond
October 17: Kaseya+Datto Connect Local Washington D.C. REGISTER NOW>>
October 28 – 30: Kaseya DattoCon (Miami) REGISTER NOW>>
November 12 – 14: Kaseya DattoCon APAC (Sydney) REGISTER NOW>>
Explore how AI technology helps businesses mount a strong defense against phishing GET INFOGRAPHIC>>
Do you have comments? Requests? News tips? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
Partners: Feel free to reuse this content. When you get a chance, email [email protected] to let us know how our content works for you!