There can never be an assurance of complete phishing attack prevention attached to any cybersecurity solution. Cyber adversaries are getting sophisticated and innovative by the day, and a mere click on a link received in a spam email is enough to jeopardize your information assets today. However, it does not mean that organizations must not take any measures. One of these crucial measures includes studying recent cyberattacks that can help you devise a comprehensive phishing attack prevention strategy. Here are the top phishing headlines from last week.
Data Breach Affects 3,200 Children From Daycares at the Durham Region
Around 3200 children from some 80 Toronto-based daycares have their vaccination records exposed online since March 2021. The information was stolen from cyberattacks on the daycares of Durham Region and posted on a data leak site owned by a Ukrainian group. When the parent of a two-year-old received a notification that some of his information was leaked, he was clueless about the nature of the compromised data and could take no specific measures to prevent phishing attacks.
Some daycares have been instructed to stop sending out vaccination details to ensure that no vaccination details get leaked further. Kindertots Child Care Centre in Ajax has been keeping track of its vaccination details independently since it was first informed of the breach in April. From the looks of it, threat actors at the CLOP group may have gained access to an Accellion file transfer system. As per the latest updates, the Accellion software has now been fixed. However, the Durham region has stopped using the third-party (Accellion) software. Although the nature of the information leaked is of little significance to launch further attacks, it is still irresponsible to let sensitive information be accessed by threat actors this way.
Data Breach Hits Employees of US Waste Management Firm
Waste Management Resources is a US waste management firm that underwent a cyberattack back in January 2021. The firm notified the affected employees and mentioned the information exposed. The exposed details included the names, driver’s license numbers, DOBs, Social Security Numbers, government and state ID numbers, taxpayer-identification numbers, and banking and card details of employees. It further exposed the medical information of employees and their dependents and other information such as usernames, passport numbers, email addresses, and passwords of financial accounts. Such an extensive collection of information, if stolen and exposed, can most certainly put a person’s identity at risk.
Soon after detecting the attack on 21 January, the firm launched an investigation which revealed that the attackers accessed their HR Resources between 21-23 January 2021. While this breach did not affect the firm’s operations, the exposure of the sensitive information belonging to employees and their dependents is a cause of grave concern. All affected individuals must keep an eye on their credit reports and take necessary anti-phishing protection measures.
Cyberattack Hits FOID Card Holders In Illinois
The Illinois State Police (ISP) underwent a cyberattack last week in which the adversaries accessed its Firearm Owners Identification (FOID) card portal. Consequently, the personal information of over 2,000 citizens possessing FOID cards was compromised.
As part of their anti-phishing measures, the ISP has disabled some of their online account features. They have also reached out to all the 2,000 FOID cardholders and limited the use and access of the sensitive information submitted by citizens on the portal. This isn’t the first time that a cyberattack has hit the Illinois State government. It was just in April that the government spent $2.5 million in taxpayer money to reestablish compromised systems. The Illinois Department of Employment Security has had the same fate too.
Ransomware Hits St. Joseph’s Candler, Georgia
St. Joseph’s/Candler (SJ/C) is one of the leading health systems in Georgia, which was undergoing a data breach for six months (between December 2020 and June 2021). The breach ultimately culminated into a ransomware attack which was first discovered on 17 June 2021. Since its computer systems were brought down, the hospital used social media to inform patients about the security incident. SJ/C took immediate measures to limit the impact of the attack and isolated the infected systems.
As investigations continued, SJ/C took to traditional methods and used pen and paper to complete their paperwork. However, medical procedures such as imaging, surgery, primary care, and physician appointments remained unaffected. The investigation revealed that the PII and PHI (names, addresses, social security numbers, DOBs, driver’s license number, billing details, patient account number, financial and health insurance plan member ID, medical history etc.) of SJ/C employees and patients were accessed by the attackers. Therefore, the hospital began notifying them around 10 August. As part of its measures for protection against phishing, the hospital is providing free identity protection and credit monitoring to all victims.
Data Breach At SeniorAdvisor
The US-based senior care review website SeniorAdvisor recently underwent a data breach that affected millions of senior citizens in North America. SeniorAdvisor left a misconfigured Amazon S3 bucket with the personal information of millions of people in it, available online without any encryption. Consequently, 182 GB of their data was exposed, including citizens’ names, phone numbers, and email addresses. The files belong to users from the period 2002-2013.
After being notified, SeniorAdvisor secured the database, but this still does not assure security from phishing attacks for all those users whose personal information was accessible online for an unknown period before discovery. This attack calls for special worries because the affected group involves senior citizens who are more susceptible to cyberattacks. Even if SeniorAdvisor adopts the phishing prevention best practices now, it can still not protect all its affected users, who are primarily senior citizens.
Data Breach Hits New York City Public School Students And Employees
Over 3,000 New York City Public school students and 100 staff members from the education department had their personal information exposed in a recent data breach. Although the education department hasn’t disclosed how the breach occurred, it was reported that at least one student in the school system could access Google Drive containing all this private information about students and staff. The information contained on Drive included the academic records (in the case of students) and biographical data (of students and staff).
Fortunately, social security numbers were not recorded by the city. All affected individuals were notified about the breach via email. Investigations suggest no evidence of the data being misused or shared further. Nonetheless, the education department is offering two years of free credit monitoring to all affected individuals.
Cyberattack Hits Chanel Korea
The South Korean unit of the luxury brand Chanel recently underwent a cyberattack where the adversaries accessed a database containing the PII of some of the customers from the Fragrance and Beauty division. The compromised information included their names, phone numbers, DOBs, and shopping histories. However, no user IDs, passwords, or payment details were exposed in the incident.
Chanel Korea profoundly regrets this unfortunate incident and apologizes to all customers whose information was leaked. All affected individuals were notified via texts and emails. Chanel urges all customers worried about data theft to approach them and take phishing protection measures at an individual level. Chanel launched an investigation and employed an external cybersecurity firm to get to the roots of the attack. Immediately after detecting the source of the breach, they blocked the IP address responsible for it. The case was then handed over to the government authority KISA, which now investigates it along with the PIPC.