January 19, 2022

Cybercriminals are snatching up financial data, bad actors rain on Parasol’s parade, 5 tips to help you secure your customers in 2022 and rocket fuel for your revenue. 



Medical Review Institute of America (MRIoA)

https://www.securityweek.com/mrioa-discloses-data-breach-affecting-134000-people

Exploit: Ransomware

Medical Review Institute of America (MRIoA): Medical Analytics


Risk to Business: 1.227 = Severe

Utah-based medical information and analysis company Medical Review Institute of America (MRIoA)  announced that it has experienced a data breach. The incident was discovered on November 9, 2021, and officials were able to confirm that data had been stolen by November 16, 2021.  In a data breach filing, the company said that over 134,000 individuals were impacted by the incident which is still under investigation. The company did say that it “retrieved and subsequently confirmed the deletion of” stolen data, but no information was released about a ransom amount or if they paid the ransom.  


Risk to Business: 1.801 = Severe

Protected health information was snatched including patients’ names, gender, physical and email addresses, phone numbers, birth dates, Social Security numbers, full clinical information (including diagnosis, treatment, medical history, and lab test results) and financial information (such as health insurance policy and group plan number). 

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses.

ID Agent to the Rescue: Learn more about how ransomware is evolving and get tips for protecting your clients in 2022 in our hit eBook Ransomware Exposed. GET THIS EBOOK>>


The Metropolitan Detention Center (MDC)

https://www.techtimes.com/articles/270004/20220103/hospital-data-breach-personal-info-1-3-million-patients-staff-data-breach.htm 

Exploit: Ransomware

The Metropolitan Detention Center (MDC): Prison 


Risk to Business: 2.223 = Severe

New Mexico prison officials had a problem on their hands as a ransomware attack impacted county computer systems resulting in a lockdown of the Metropolitan Detention Center (MDC) in Bernalillo County, New Mexico. The prison was not directly targeted. Inmates were forced to stay in their cells since the attack impacted the facility’s security camera networks, automated doors and internet service. Inmates and jailors were also unable to videoconference for trials. Reports say that a number of databases are suspected of being compromised or corrupted including an incident tracker which records inmate fights, attacks, as well as allegations of prison rape and sexual assault.  


Risk to Business: 2.419 = Severe

The exposed personal data for patients and former patients at Broward Health may include Social Security numbers, bank or financial account information, driver’s license numbers, names, addresses, telephone numbers and hospital payment account information. Protected health information including medical information like care history, condition, treatment and diagnosis records may also have been exposed.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Ransomware can cause serious operational problems in unexpected places in today’s connected world.

ID Agent to the Rescue: Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>


Illuminate Education

https://nypost.com/2022/01/15/nyc-schools-crippled-by-illuminate-educations-data-outage/

Exploit: Hacking

Illuminate Education: Education Platform


Risk to Business: 1.717 = Severe

Illuminate Education, a digital education platform used by 5,200 schools and districts in the US, is still struggling to resume services after a cyberattack. The company owns popular school management platforms Skedula and PupilPath. Illuminate Education says it has continued experiencing a service interruption affecting all IO Classroom applications for nearly 10 days following an unspecified security incident. Investigation and recovery are underway, but the platform has not provided a recent update on the expected timeline.  

Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Cybercriminals have been all over targets in the education sector including companies that serve it. Companies should use caution.

ID Agent to the Rescue:  Make sure that your clients are doing everything right to stop system and data security threats with the Computer Security To-Do List checklist, available now! GET THIS CHECKLIST>>   


TransCredit

https://www.websiteplanet.com/blog/transcredit-leak-report/

Exploit: Misconfiguration

TransCredit: Credit Analysis & Reporting


Risk to Business: 1.719 = Severe

Over half a million credit reports and other financial documents held by Florida-based financial analysis firm TransCredit have been exposed. The Website Planet research team reported discovering a non-password-protected database that contained 822,789 records. Researchers cautioned that this dataset appears to be concentrated on clients in the transportation sector.  


Risk to Business: 1.719 = Severe

The exposed data includes detailed information on trucking, transport companies and individual drivers. Also included in this data was information about credit accounts, loans, repayment and debt collections as well as financial data like banking information, tax ID numbers and Social Security Numbers.  

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Once again, a service provider that maintains a large array of records full of PII was hit, handing cybercriminals a data bonanza.

ID Agent to the Rescue: Employees are the most likely cause of a cybersecurity incident in any business. See how to spot and stop insider risks in our new Guide to Reducing Insider Risk. DOWNLOAD IT NOW>> 





United Kingdom – Parasol Group

https://www.theregister.com/2022/01/17/umbrella_company_parasol_group_confirms/

Exploit: Hacking

Parasol Group: Business Services


Risk to Business: 1.727 = Severe

UK umbrella company Parasol Group was forced to shut down some of its IT systems last week after an intrusion was detected. The outage impacted the company’s MyParasol payment portal for contractors and freelancers, leading to payroll issues that caused some folks to not get paid. The company is also having invoicing problems as a result of the incident.  

Individual Impact: No information about exposed customer personal or financial data was available at press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.

ID Agent to the Rescue: Reduce the chance of a security incident, strengthen your clients’ security culture and start them off on the right foot in 2022 with our Building a Strong Security Culture Checklist. GET THE CHECKLIST>>


Germany – Hensoldt

https://www.bleepingcomputer.com/news/security/global-it-services-provider-inetum-hit-by-ransomware-attack/ 

Exploit: Ransomware 

Hensoldt: Defense Contractor


Risk to Business: 1.677 = Severe

Multinational defense contractor Hensoldt was hit with a ransomware attack by the Lorenz ransomware group. The company’s products include radar arrays, avionics, and laser rangefinders used by the US military. The Lorenz ransomware group claims to have stolen an undisclosed number of files from Hensoldt’s network during the attack. The gang says that they have published 95% of all stolen files on their leak website. No ransom demand has been announced.

Individual Impact: No consumer or employee PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cybercriminals don’t just steal personal and financial data, they also love trade secrets, research, formulas and other proprietary data.

ID Agent to the Rescue: Learn 4 highly effective ways to protect your clients from ransomware now and set them up for future defensive success in one fun, educational webinar! WATCH NOW>>





The Philippines – Commission on Elections (Comelec)

https://mb.com.ph/2022/01/10/comelec-servers-hacked-downloaded-data-may-include-information-that-could-affect-2022-elections/

Exploit: Hacking

Commission on Elections (Comelec): Government Agency 


Risk to Business: 1.806 = Severe

Concerns are mounting about the possibility that sensitive voter data has been exposed after an audacious attack on the Commission on Elections (Comelec) of The Philippines. Bad actors breached the system of the Comelec on January 8 and downloaded files that included sensitive information including the usernames and PINs of vote-counting machines (VCM). The cybercriminals made off with an estimated 60 gigabytes of data. Reports say that the stolen data included network diagrams, IP addresses, a list of all privileged users, domain admin credentials, a list of all passwords and domain policies, access to the ballot handling dashboard and QR code captures of the bureau of canvassers with login and password. The exposure of this data may impact upcoming elections in The Philippines in May.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Government agencies have become juicy targets for cybercriminals looking to score a boatload of sensitive information fast.

ID Agent to the Rescue: Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>


Thailand – Siriraj Hospital

https://www.straitstimes.com/singapore/consumer/personal-data-of-og-department-store-customers-leaked 

Exploit: Hacking

Siriraj Hospital: Medical Center 


Risk to Business: 2.721 = Moderate

An estimated 39 million patient records from Siriraj Hospital in Thailand, including those of VIP patients, have turned up for sale on the dark web. Threat actors offered samples from the 38.9 million patient records they claimed to have. This is the second attack on a major Thai hospital in 6 months.


Risk to Business: 2.605 = Moderate

The treasure trove of data supposedly includes names, addresses, Thai IDs, phone numbers, gender details, dates of birth and other patient personal information. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Personal data is always a winner for cybercriminals who are looking to make a quick profit in the booming dark web data markets.

ID Agent to the Rescue: Phishing is the leading driver of a data breach. Our eBook The Phish Files can help you gain a strategic edge against phishing. GET THE BOOK>>





1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.