Here’s your Cyber Security Incidents Update for wk18 2024
(a once-a-week on Monday glimpse into just a fraction of the Cyber Security events of the previous week to inform regarding the depth and breadth of the incidents world-wide)
-Organisation
⦿ Financial Business and Consumer Solutions (FBCS), Maine, USA. Debt Collection Agency
-Data compromised
⦿ "Unauthorised access to certain systems in its network" may have resulted in the access or exfiltration of names, dates of birth, Social Security numbers, and account information of 2 MILLION individuals
-Organisation
⦿ The council for the Outer Hebrides (aka Comhairle nan Eilean Siar), Scotland, UK
-Data compromised
⦿ The council has stated that it may take a further 6 months, and cost as much as £500,000, to repair its computer systems following a ransomware attack last November
-Organisation
⦿ (Update) Cannes Hospital Centre – Simone Veil (CHC-SV), Cannes, France (reported in week 17)
-Data compromised
⦿ The hospital, which cut off access to it's computer systems, has reported that it has received a ransomware demand (DID see that one coming) which it has refused to pay. The attack has caused severe operational disruption
One piece of good news 👍:
A hacker in Finland, Aleksanteri Kivimäki, has been charged with more than 30,000 counts of attempted extortion. Mr Kivimäki breached a psychotherapy centre and when the centre refused to pay a ransom, began to extort individual patients by threatening to publish their stolen information online (what a charmer). He has been sentenced to more than six years in prison (seems light for causing that amount of pain but 👏 👏)
One final note:
(Update) UnitedHealth, owners of Change Healthcare (reported on in week 12) has stated that a ransomware attack which will cost more than $800 MILLION to rectify and for which a $22 MILLION ransom was paid, was caused by an employee's credentials stolen by information-stealing malware. The credentials, which gave access to a Citrix gateway, DID NOT HAVE MFA ENABLED 🤦♂️ 😱