The Week in Breach News: 2/17/21 – 2/23/21
From Kia hitting a ransomware bump in the road to Underwriters Laboratories’ fail and Simon Fraser University back for another cyberattack. Read this week’s cyber news from around the world.
Read the full article from the news source at IDAgent.
United States – Automatic Fund Transfer Services
https://www.bleepingcomputer.com/news/security/us-cities-disclose-data-breaches-after-vendors-ransomware-attack/
Exploit: Ransomware
Automatic Funds Transfer Services (AFTS): Payment Processor
Risk to Business: 1.879 = Severe
Cuba ransomware is the culprit of an attack at AFTS, a payment processor that serves state government clients including the states of California and Washington. This cyberattack has caused major disruption to AFTS operations, making their website unavailable and impacting payment processing. The gang claims to have stolen financial documents, correspondence with bank employees, account movements, balance sheets, and tax documents.
Individual Risk: 1.847 = Severe
It is unclear how many individuals may have been impacted. The California Department of Motor Vehicles and several cities in Washington state have released data breach notifications. The potential data exposed varies depending on the city or agency, but may include names, addresses, phone numbers, license plate numbers, VIN numbers, credit card information, scanned paper checks, and billing details.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware at your third party business services partner’s business is also your problem. It pays to make sure that your company’s credentials haven’t been exposed.
ID Agent to the Rescue: Watch for threats from the Dark Web without lifting a finger using Dark Web ID, 24/7/365 credential monitoring that alerts you to trouble fast. LEARN MORE>>
United States – Kia Motors America
https://www.bleepingcomputer.com/news/security/kia-motors-america-suffers-ransomware-attack-20-million-ransom/
Exploit: Ransomware
Kia Motors America: Ransomware
Risk to Business: 1.381 = Severe
Kia Motors America has experienced a suspected ransomware attack that has had a severe impact on its entire US operation. crippling some functions and impacting others for dealers and consumers. Sevices impacted include mobile UVO Link apps, phone services, payment systems, owner’s portal, and internal sites used by dealerships.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: 50 million
How it Could Affect Your Customers’ Business Ransomware can come calling at any time at any business with a devastating impact on operations, customer service, productivity and profit.
ID Agent to the Rescue: With BullPhish ID, staffers learn to spot and stop the latest phishing-based cyberattacks because we provide fresh content every month for training. LEARN MORE>>
United States – Sequoia Capital
https://www.axios.com/sequoia-capital-says-it-was-hacked-590dcdd6-fe49-46c6-8422-60a944272302.html
Exploit: Phishing
Sequoia Capital: Venture Capital Firm
Risk to Business: 1.933 = Severe
Sequoia Capital, a major venture capital firm, announced this week that it has experienced a phishing-related cyberattack. The firm invests in companies like Airbnb, DoorDash, Robinhood and cybersecurity firms like FireEye and Carbon Black. Sequoia’s investors include university endowments, tech executives and charitable foundations.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: More than 65 percent of cybercrime is phishing based. Training employees to spot and stop phishing is essential to avoid becoming one of those 65 percent of hacked companies.
ID Agent to the Rescue: Read our Security Awareness Champion’s Guide, for a complete walkthrough of today’s nastiest cyberattacks and the tricks that cybercriminals conduct them. GET THE BOOK>>
United States – Underwriters Laboratories
https://www.bleepingcomputer.com/news/security/underwriters-laboratories-ul-certification-giant-hit-by-ransomware/
Exploit: Ransomware
Underwriters Laboratories: Safety Regulator
Risk to Business: 2.022 = Severe
Underwriters Laboratories, the oldest and largest device safety certifier in the world, should have checked the safety of their email systems a little more closely. They’ve experienced a ransomware attack that has encrypted its servers and caused them to shut down systems while they recover.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is a huge hit to every company’s performance and budget – and it’s preventable through security awareness training.
ID Agent to the Rescue: BullPhish ID gets your staff ready to fight back against phishing, and that’s something that every business has to make a priority to protect their bottom line. SEE IT IN ACTION>>
Canada – Simon Fraser University
https://www.cbc.ca/news/canada/british-columbia/sfu-warns-cybertattack-exposed-personal-information-of-about-200-000-students-and-staff-1.5916153
Exploit: Hacking
Simon Fraser University: Institution of Higher Learning
Risk to Business: 1.623 = Severe
Simon Fraser University is in the spotlight again after another data breach. Cybercriminals breached a server that stored information on student and employee ID numbers and other data, including admissions or academic standing. This is the second data breach at Simon Fraser University in 12 months.
Individual Risk: 2.117 = Severe
The server contained personal information for some current and former students, faculty, staff and student applicants including student or employee ID numbers.
Customers Impacted: 200,000
How it Could Affect Your Customers’ Business: Continued security problems at any organization aren’t acceptable to consumers anymore as people become more serious about protecting their data.
ID Agent to the Rescue: Get The Road to Cyber Resilience to learn strategies and solutions that can make your business bounce back faster from cybersecurity failures. READ THE BOOK>>
Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>
The Netherlands – Dutch Research Council (NWO)
https://cybernews.com/news/internet-registry-for-europe-experienced-a-credential-stuffing-attack-claims-it-was-unsuccessful/
Exploit: Malware
Dutch Research Council: Government Entity
Risk to Business: 1.913 = Severe
NWO has reported that it was the victim of a malware attack. Servers belonging to the Dutch Research Council (NWO) have been compromised, forcing the organization to make its network unavailable and suspend subsidy allocation for the foreseeable future. Impacted functions include the organization’s email service (Outlook) and online resources for two entities under NWO, the Netherlands Initiative for Education Research (NRO) and the National Governing Body for Practice-oriented Research (SIA).
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Malware can strike when you least expect it and cause a cascade effect that ripples through an entire organization, gumming up the works, with an expensive cleanup.
ID Agent to the Rescue: Are you ready to defend against malware like ransomware? Learn how to keep your data from being a cybercriminal’s next score in our eBook Ransomware 101. GET IT>>
The Netherlands – Réseaux IP Européens Network Coordination Centre (RIPE NCC)
https://cybernews.com/news/internet-registry-for-europe-experienced-a-credential-stuffing-attack-claims-it-was-unsuccessful/
Exploit: Credential Stuffing
Réseaux IP Européens Network Coordination Centre (RIPE NCC): World Regulatory Body
Risk to Business: 1.913 = Severe
RIPE NCC has reported that it recently defended against a credential stuffing attack that attempted to breach its single sign-on system. There was minimal disruption and the organization has resumed operations normally.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Credential stuffing is a favorite cyberattack technique because it’s cheap and simple – and cybercriminals won’t be giving it up anytime soon.
ID Agent to the Rescue: Single sign on is a valuable mitigation, but it’s best coupled with multifactor authentication, and both are included with Passly. LEARN MORE>>
Want to Borrow Our Sales and Marketing Teams? OK!
Get expert sales and marketing help to power up your MSP in a flash with Powered Services Pro. LEARN MORE>>
France – Beneteau SA
https://www.bloomberg.com/news/articles/2021-02-21/beneteau-to-suspend-some-production-after-cyberattack
Exploit: Malware
Beneteau SA: Maritime Vessel Builder
Risk to Business: 2.062 = Severe
French boat builder Beneteau SA has experienced a malware attack that has forced it to temporarily suspend some operations. The company says that it will be deploying backups and production at some of its units, particularly in France, will have to slow down or stop for a few days.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Malware is frequently used to damage a company’s operations capability, and its most commonly delivered by a phishing email.
Read the full article at the source from ID Agent here.
TECHNOLOGY SOLUTIONS FROM JK CONSULTING
JK Technology Solutions is a Chicago-Based IT Consulting Company with over 100 years of combined engineering experience. Our Managed Services program rivals some of the best in the business for half the cost.
Our mission is to provide the highest quality service and solutions to businesses and individuals alike with the ability to work with any budget. We have built a team of support professionals with website, hardware, software and network experience in both the corporate and residential markets. We’ve also integrated our services into more than 30 different commercial markets.