Cyberattacks and data thefts are such a major problem today that there will be at least a few phishing attempts by the time you finish reading this post. The importance of phishing prevention measures cannot be stressed enough. Here are the major headlines from the past week to help you better plan your organizational security.
1. Data Breach Hits ARcare
US-based healthcare provider – ARcare recently underwent a data breach that compromised the personal information of 345,000 individuals across its facilities in Arkansas, Mississippi, and Kentucky. The data breach alert published by the provider noted that it underwent a security incident on 24th February, which affected its computer systems and disrupted its services. Soon after detecting the incident, ARcare took anti-phishing protection measures and investigated the breach.
After the investigation concluded on 14th March 2022, the hospital realized that the malicious actor had been accessing its network for five weeks between 18th January and 24th February 2022. The information exposed to this breach could include an individual’s name, DOB, state identification number, social security number, financial account details, driver’s license, medical treatment, and diagnosis details, prescription information, and health insurance information.
So far, the provider has no reason to believe that the affected information has been misused. After the provider gained certainty on the leak of individuals’ personal information on 4th April, it began notifying them on 25th April. It also informed security regulators and law enforcement around the same time. ARcare is now reviewing its policies and procedures to ensure that such an incident doesn’t happen again.
2. DDoS Attacks Target Several Romanian Government Websites
A recent press release indicates that several Romanian government websites recently underwent DDoS attacks, including the Defense Ministry. The affected websites include mapn.ro, gov.ro, cfrcalatori.ro [National RailRoads], politiadefrontiera.ro [Border Police], and the financial institution’s websites.
While the Defense Ministry assured that the attack did not compromise the website’s operations and only blocked users’ access, government IT specialists are taking a closer look at the incident. Fortunately, the attack was limited to the defense ministry’s website and did not affect other computer networks or services. Since the website does not contain any sensitive databases, no information was leaked. Romania’s Defense Minister Vasile Dincu said that such attacks are just symbolic and do not affect control systems and databases. He said the government IT specialists have the phishing protection measures to tackle such orchestrated attacks.
3. Spanish Prime Minister’s Phone Targeted by Spyware
Spain’s Prime Minister Pedro Sanchez and Defense Minister Margarita Robles had their mobile phones infected by spyware. It was eventually revealed that the Pegasus spyware created by Israel’s NSO Group was used for the attack. The spyware infiltrated the prime minister’s phone in May 2021, and that of the defense minister’s in June 2021. The adversaries stole sensitive national data from the phones of these top bureaucratic leaders. NSO Group leaders said they were not aware that Pegasus was used for this attack and considered it a severe technology misuse.
NSO has extended its cooperation for investigations into this breach and clarified that it is merely a software provider – an organization not involved in any data collection activities. The Pegasus software is supposed to be a medium for governments to monitor terrorism and criminal activity and terrorism. While the Biden government and several tech giants have condemned the company for human rights violations, it has expressed its solidarity with visions to prevent phishing attacks. Investigations into the hacking of Romanian government officials’ phones continue, and the national court will likely be handling the investigation.
4. Ransomware Hits Kellogg Community College
A ransomware attack recently targeted Kellogg Community College, which temporarily compelled it to suspend all classes. The attack affected the digital proceedings of all five Kellogg campuses located in Michigan because of which the campuses are to remain closed till all investigations are over. As part of its measures for protection against phishing, the college will force a password reset for all faculty, staff, and students – something very essential to prevent any further loss of information.
In its breach notification alert, the college assured students and faculty that it is adopting necessary measures to ensure zero disruption in students’ academic pursuits and coursework completion and has requested their patience and cooperation in these tough times.
5. Cyberattack Targets Car Rental Giant Sixt
A cyberattack recently hit the car rental giant Sixt which brought down its non-essential systems. Sixt is a thriving rental service with over two thousand locations across 100 countries. Owing to the cyberattack, the company shut down its IT operations on 29th April. Only essential systems remained operational during that time, such as the mobile apps and the website.
Sixt clarified that customers and employees must anticipate disruptions at this point, although the attack’s impact has been minimal. While the company has provided business continuity for customers, certain services in selective branches and customer care centers might be occasionally disrupted. Sixt temporarily took to manual means of booking cars and used automated messages to inform customers that they were facing technical problems.
Since it’s the tourist season, ransomware operators target Sixt and other car rental companies. As part of its measures for protection from phishing, the company has launched an investigation into the breach, but so far, information is scant. The organization requested customers’ patience and cooperation until the systems were entirely restored.
6. Data Breach Hits Riviera Utilities
The utility company Riviera Utilities was recently hit by a data breach where adversaries accessed its employee email accounts. Consequently, the personal details of its customers were compromised. As per the company’s reports, only a limited number of individuals had their information exposed. The exposed data includes their names, driver’s license, social security numbers, state identification numbers, medical information, passport numbers, health insurance information, and credit or debit information.
An investigation was launched soon after the attack, which revealed that the email accounts were accessed by the attackers around 17th October 2021. As part of its anti-phishing measures, the company informed all affected individuals of the breach on 26th April 2022. It mentioned that no personal information submitted on the company’s website was affected by the breach. So far, there is no evidence to prove the misuse of any of the stolen data. However, Riviera Utilities is providing free credit monitoring services to all affected individuals.
7. Cyberattack Hits AIS Online Application
A cyberattack recently targeted the Authorized Inspection Scheme (AIS) online application. The AIS allows inspectors to check vehicles and maintain a minimum safety standard. Becoming an authorized examiner would require online applicants to submit personal details such as their names, contact numbers, addresses, DOBs, email addresses, and driver’s license numbers. In the recent attack, an unauthorized attacker accessed many applications’ user accounts.
Transport for NSW has extended its apologies to customers for this unfortunate event. It advises them not to respond to suspicious calls, messages, or emails from Transport for NSW. Last year too, the agency was affected by the Accellion breach. But this time, Transport for NSW claims to have adopted robust phishing attack prevention measures to prevent such attacks.