As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 32, 2024
Information security updates and events from the past week
1 – An attacker hacked into the Mobile Guardian platform and remotely deleted data of 13,000 students.
The Mobile Guardian platform provides several capabilities for managing tablets and computer stations in schools and helps with classroom management, control of usage times, content control and more.
According to the company’s report, an attacker gained access to the company’s systems and remotely performed a complete deletion of a small number of positions.
Contrary to the company’s report, the Ministry of Education in Singapore reports that the attacker deleted information from approximately 13,000 student laptops and tablets….
Upon detection of the incident, the company cut off access to the platform and at this point users cannot log in.
2 – The Grand Palais Rmn organization in France, which manages the activities of several museums in the country, reports that it is suffering from a ransomware attack.
Following the attack, the organization disabled the computer systems, and a number of museums are experiencing disruptions in activity.
Various reports indicate that the attack was caused after the credentials of one of Grand Palais Rmn’s partners were stolen using Infostealler.
At this point, no infidel group has claimed responsibility for the attack.
3 – A ransom attack on c-edge technologies led to the shutdown of about 300 banks in India.
Following a ransom attack on the company c-edge technologies, which provides banks with various technological systems, about 300 banks in India had to stop their activities.
The National Payments Corporation of India (NPCI) has proactively disconnected all c-edge technologies from the country’s payment system to prevent the spread of the malware.
Cloudsek reports that the Ransomexx ransomware group is responsible for the attack.
4 – ADT company approves data hacking after it leaked customer information on a hacking forum
US building security giant ADT has confirmed it suffered a data breach after threat actors leaked allegedly stolen customer data on a popular hacking forum.
ADT is a public American company specializing in security and smart home solutions for residential and small business customers. The company employs 14,300 people, has annual revenue of $4.98 billion, and serves approximately 6 million customers in 200 locations in the United States.
In a Form 8-K regulatory filing Thursday morning with the Securities and Exchange Commission (SEC), ADT says threat actors hacked some of its databases and stole customer information.
5 – The Rhysida Ransomware group claims to have hacked Bayhealth Hospital in Delaware
Bayhealth Hospital is a not-for-profit health system with nearly 4,000 employees and a medical staff of more than 450 physicians and 200 physicians.
The Rhysida Ransomware group claims to have hacked Bayhealth Hospital and added the hospital to the list of victims on its Tor leak site.
The group claims to have stolen data from the hospital and demands 25 BTC to avoid leaking it. The group leaked screenshots of stolen passports and IDs as proof of the hack.
6 – A ransomware attack cost Keytronic over $17 million
Electronics manufacturing services company Keytronic revealed on Friday that the latest ransomware attack resulted in more than $17 million in additional expenses and lost revenue.
The company disclosed the costs associated with the incident in a preliminary financial report for the fourth quarter of fiscal 2024.
“Due to this event, the company was required to incur additional expenses of approximately $2.3 million, and it believes it lost approximately $15 million in revenue during the fourth quarter,” said Keytronic.
However, he added, “Most of these orders are refundable and are expected to materialize in fiscal year 2025. Partially offsetting these additional expenses was an insurance gain of $0.7 million that was also recorded during the quarter.”
The cyber-attack, discovered on May 6, caused disruptions to websites in the United States and Mexico. Activity on these sites was suspended for two weeks due to the incident.
The company first reported in June that it had already incurred about $600,000 in expenses for outside cybersecurity experts.
7 – Personal and health information was stolen from Cencora
Healthcare giant Cencora confirmed this week that personally identifiable information (PII) and protected health information (PHI) were stolen in a February 2024 cyber-attack.
The incident was identified on February 21 and disclosed a few days later in a regulatory filing, when the company said that personal information had been leaked from its systems.
In a July 31 filing with the Securities and Exchange Commission (SEC), Cencora said that “additional data, beyond what was initially identified, has been released.”
The company has identified and completed its review of most of the data. That review confirmed that the data included personally identifiable information and protected health information about individuals, most of which is maintained by a subsidiary of the company that provides patient support services, Cencora said.
In addition, it stated that the attack did not have a material impact on its activities, and its systems remained fully operational and that no material impact on the financial situation or the result of the activity is expected.
The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our services.
