As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 37, 2024
Information security updates and events from the past week
1 – A few retail chains in France report information leaks following cyber-attacks.
Boulanger and Culture are among the chains that published a message about leaked information, but it is possible that other chains will join them in the future.
At this stage it is not yet clear if the attacks are related to each other or if they are just adjacent events, meanwhile Boulanger treats the case as a one-off cyber incident, which includes information leakage, and Culture reports that it is an attack on one of the company’s suppliers.
2 – The Slim CD company, which provides various payment solutions, reports that information of about 1.7 million customers was leaked after an attacker had been in the company’s systems for almost a whole year
In the letter published by the company to customers (see comments), it states that the attacker was detected in the company’s systems in June 2024 but had already had access since August 2023.
Following the access he had, the attacker was exposed to customers’ personal information, including credit card numbers and card validity.
3 – The American car rental giant AVIS reports an information leak, after an attacker managed to access one of the company’s systems.
According to the letter sent to the affected customers (see comments) it appears that the attacker was on the company’s network for about three days.
https://www.pc.co.il/featured/415689/
4 – The Highline Public Schools school district is shut down following a cyber attack
Highline Public Schools, a K-12 district in Washington state, closed all schools and canceled school activities after its technology systems were compromised in a cyber-attack.
In a statement released Monday, the district confirmed that all schools will remain closed, and all activities will be canceled on September 9.
However, the district’s central office remained open, and staff were ordered to report to work.
5 – Wisconsin insurance company discloses cybersecurity data breach affecting 950,000 people
Insurance corporation Wisconsin Physicians Service (WPS) is notifying approximately 950,000 people whose personal information was stolen in last year’s MOVEit campaign.
On September 6, WPS disclosed the impact of the MOVEit breach, announcing that 946,801x US Medicare beneficiaries were likely affected, including some Centers for Medicare & Medicaid Services (CMS) beneficiaries.
In a notification letter mailed to affected individuals, WPS explains that its 2023 investigation into the incident found “no evidence that an unauthorized party obtained copies of files contained within the WPS MOVEit application.”
A second investigation, launched in May 2024 with the help of a third-party cybersecurity firm, found that files from WPS’s MOVEit file transfer system were indeed stolen, and that some of those files contained personal information.
Compromised information includes names, addresses, dates of birth, social security numbers, gender, hospital account number, dates of service and Medicare beneficiary ID or health insurance claim number.
The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.