18 Aug Security Breach – 18 Aug 2023
In a fast-paced threat landscape, companies face a constantly changing level of risk for a data breach or other damaging cybersecurity incident. And if the worst does happen, too many companies don’t discover their data breach themselves. According to IBM’s Cost of a Data Breach Report 2023, only one in three businesses that experienced a data breach identified that data breach using the company’s own security teams or tools. An estimated 67% of data breaches are instead discovered by a benign third party or by the attackers themselves.
That means that many companies need better threat detection and would benefit from investing in a managed SOC (Security Operation Centre). You should also be investing in EDR (EndPoint Detection & Response) software which WithSecure, our Security expert knows a lot about.
Recent Breaches
United States – The Colorado Department of Health Care Policy & Financing (HCPF) – Government Agency
Exploit: Supply Chain Attack
Risk to Business: Severe: The Colorado Department of Health Care Policy & Financing (HCPF), a state government agency that manages the Health First Colorado (Medicaid) and Child Health Plan Plus programs, is alerting more than four million individuals of a data breach that impacted their personal and health information. HCPF said that the data exposure occurred through their contractor IBM thanks to the MOVEit vulnerability. Bad actors likely exfiltrated files that contained certain Health First Colorado and CHP+ members’ information, including, full names, Social Security numbers, Medicaid ID numbers, Medicare ID numbers, dates of birth, home address, contact information, income information, demographic data clinical data (diagnosis, lab results, treatment, medication) and health insurance information.
United States – Rapattoni – Real Estate Technology Provider
Exploit: Hacking
Risk to Business: Severe: Home buyers and real estate professionals have experienced frustrations in the past week after a cyberattack nailed Rapattoni, a software and services provider that is best known for providing access to the nationwide Multiple Listing Services (MLS) to regional real estate groups. The California-based company said in a statement that its production network was hit by a cyberattack and it is working to get systems restored as soon as possible. MLS systems have been down since last Wednesday for many real estate agencies. The incident is under investigation.
Talk to a TCT team member today about implementing cyber security and phishing training plan for your employees.
Robert Brown
18/08/2023
Related Articles:
What type of hacker is endangering your business data?
Cybersecurity mistakes that leave your data at risk