Cybersecurity news provided by NetworkTigers on Monday, 22 February 2021.
SAN MATEO, CA — Kroger pharmacies cyber data breach, Accellion security breach, emergency response from California DMV, stolen data posted to dark web, Pfizer attacked by North Korean hackers, second major law firm reports confidential data compromised, Idaho county courthouse confirms data breach, ethical hackers sought and Navajo Nation hospital suffers cyberattack.
Kroger pharmacies hit with cyber data breach exposing customer healthcare information
Cincinnati, IL based grocery chain Kroger has disclosed that a cybersecurity breach occurring on January 23 has compromised the names and personal data of customers who used the grocer’s pharmacy and Little Clinic. The breach is one of many being reported as a result of hackers taking advantage of a vulnerability in file sharing company Accellion’s software. The data accessed includes Social Security numbers, prescription information, medication names, medical history, and doctor information. Due to the nature of the data exposed, the breach has been labeled as a violation of HIPPA (the Health Insurance Portability and Accountability Act of 1996). Read more.
Singapore telecommunications company Singtel compromised in Accellion security breach
The far reaching implications of Accellion’s cybersecurity data breach become more evident as Singapore telecommunications company Singtel has announced that 129,000 customers have had their data compromised. While Singtel states that the majority of the information leaked was not critical or sensitive, customer names, birth dates, addresses, and mobile numbers have reportedly been exposed as well as bank and credit card details belonging to some company staff. Singtel states that the company was only informed that the vulnerable Accellion product used to carry out the attack was at the end of its life late last month. Read More.
Ransomware attack on third party vendor prompts emergency response from California DMV
A February ransomware attack against address verification company Automatic Funds Transfer Services, Inc. (AFTS) has resulted in the California DMV initiating an emergency contract with a different company after it was discovered that the attack may have exposed personal data from the past 20 months. The DMV states that information such as Social Security numbers and voter registration information was not accessed in the attack, but that names, addresses, and vehicle registration data was vulnerable and may have been exposed. Read more.
Stolen data posted to dark web after North Carolina county computers accessed in ransomware attack
North Carolina’s Chatham County fell victim to an attack on their computer system after a phishing email containing a malicious attachment allowed hackers access to sensitive information in October of last year. The data was reportedly held ransom in exchange for a bitcoin amount valued at around $2.4 million. The county refused to pay and it has been revealed that the hackers involved have made good on their threat to release the information on the dark web, as personal information belonging to those affected has begun to appear online. Read more.
Pfizer cyber attacked by North Korean hackers
South Korean lawmakers have been informed that actors from North Korea have allegedly targeted Pfizer in an effort to steal data regarding its COVID-19 vaccine. It is currently unknown when exactly the cybersecurity hack occurred or what, if any, information was stolen. As the pandemic has taken humanity by storm, pharmaceutical companies developing vaccines have repeatedly been subjected to attacks from both Russian and North Korean entities as they probe for security vulnerabilities pertaining to research, technology, and information regarding healthcare policy and vaccine supply. Read more.
Jones Day second major law firm to report that sensitive data was acquired in Accellion cyber attack
The damage from a cybersecurity attack executed against file transfer company Accellion continues to grow in scope and magnitude as Jones Day joins Goodwin Proctor as the second major law firm to have reported that confidential client information and communications have been accessed and acquired in the hack. While no other law firms have thus far reported that they had been compromised, Accellion’s client list includes many powerful players including Barnes & Thornburg, Arent Fox, and Cozen O’Connor. The attack targeted a two decades old Accellion product which had already been known to contain troubling vulnerabilities. Read more.
Press release from Idaho county courthouse reveals personal information was accessed in cyberattack
Highlighting the fact that hackers do not only target high profile targets, a Bannock County, Idaho courthouse has disclosed that records containing the sensitive information of around 1,500 people spread across 12 states were accessed by an unauthorized user at the end of June of last year. Authorities report that at this time no data has been misused for criminal activity, although they admit that they do not know exactly what information may have been compromised or stolen and have instructed those who have been affected on how to get a free credit report. Read more.
Ethical hackers sought out to fight state sponsored cyber crime
As state sponsored cyber attacks increase in both frequency and sophistication, major financial institutions and government agencies are on the search for ethical hackers to help bolster their defenses. Companies are staging intense challenges for those interested in order to narrow the field of potential hires and determine candidates who are best equipped to tackle serious security threats at the highest level. Read more.
Navajo Nation hospital suffers cyberattack
A Navajo Nation hospital in Gallup, New Mexico has fallen victim to a cyberattack as staff and patients alike already struggle with the ravaging effects of the COVID-19 pandemic. The severity of the intrusion is not yet clear as the hospital awaits further information from a third party investigator tasked with addressing the issue. In a disturbing trend, more and more healthcare providers are finding themselves in the crosshairs of hackers and bad actors during a period of time when hospitalizations and the need for critical care are at record high levels. Read more.
NetworkTigers is a provider of used and refurbished Cisco, Arista, HPE and Sonicwall network switches, routers, firewalls and PDUs.
More cybersecurity news
Read more cybersecurity news and articles brought to you by NetworkTigers.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com
Mike Syiek, CEO
1029 S. Claremont Ave
San Mateo, CA 94402