04 Aug Security Breach – 4 Aug 2023
No IT professional wants to come face to face with ransomware. However, in today’s volatile security landscape, it’s highly probable that a company will have to navigate through the shark-infested waters of a major incident response and try to survive a ransomware attack at least once.
The year is only a little over half over, yet ransomware losses have already reached about the same amount as they did in all of 2022. In fact, ransomware gangs are well on their way to having a banner year ever, having snatched up an estimated $449.1 million through June. Experts at Chainalysis estimate that if ransomware attacks and damage continue at this pace, the bad guys could steal $898.6 million. What all of this means for your business is that mounting a solid defence against ransomware is critical and having the right tools to do it is essential.
Recent Breaches
United States – Maximus – Government Services Company
Exploit: Hacking
Risk to Business: Extreme: Maximus, a service provider to several U.S. federal agencies including The Department of Health and Human Services (HHS) and the Centers for Medicare & Medicaid Services (CMS), has disclosed that it has been caught up in the MOVEit exploit net. In a filing with the U.S. Security and Exchange Commission (SEC), Maximus said that it discovered in May that its corporate network was affected by the MOVEit ransomware attack. The company determined that the attackers snatched files containing sensitive information including Social Security numbers belonging to between 8 million and 11 million individuals. The investigation into the incident is ongoing.
Canada – Yamaha Canada Music – Musical Instrument Company
Exploit: Ransomware
Risk to Business: Severe: Canadian musical instrument maker Yamaha Canada Music has disclosed that it has been the victim of a ransomware attack. In an interesting twist, just like some of last week’s attacks, this one also features more than one ransomware group claiming responsibility, this time BlackByte and Akira. BlackByte included Yamaha Canada on its list of victims on June 14 before the company was added by Akira ransomware on its leak site on July 21. The company admitted that the personal data of some of its employees had been compromised but did not offer specifics. The incident is under investigation.
Talk to a TCT team member today about implementing cyber security and phishing training plan for your employees.
Robert Brown
04/08/2023
Related Articles:
Cybersecurity mistakes that leave your data at risk
Everyday objects can lead to Identity Theft