Security Breach – 19 Apr 2024

supply chain

Security Breach – 19 Apr 2024

Ransomware is the monster under the bed for businesses, and the most likely vector for ransomware or malware is email. One successful ransomware attack is potentially devastating for any business, setting off a cascade of negative outcomes that cost businesses a fortune in lost productivity, lost business, incident response expenses, regulatory fines and other expensive nightmares.

In recent report, we asked business owners about how they think a ransomware attack would impact their organisation, and the results are grim. More than half (53%) indicated that a successful ransomware attack would have a significant impact on their organisation. An unfortunate 17% said they believe their company is unlikely to survive a successful ransomware attack.

Recent Breaches

 

Australia – Aussizz Group – Australian immigration consultancy

Exploit: Data Breach

Risk to Business: Severe: Australia-based global immigration and education consultancy firm Aussizz Group has been listed on the dark web leak site of the DragonForce ransomware gang. The hackers listed Aussizz on its dark web leak site late last week, claiming to have stolen 278.91 gigabytes of data.  The group did not provide any other information regarding the attack or what information it claims to have stolen, other than a description of the company and what it does. Aussizz offers visa and citizenship applications for Australia, as well as New Zealand, the US, the UK, and Canada, meaning the data it contains could be highly sensitive and used for further attacks and fraudulent activity. At this stage, nothing indicates whether the attack actually occurred, whether any data was stolen, or whether Aussizz faces any material losses as a result of the incident. 

United States – Change Healthcare – Technology Provider

Exploit: Ransomware

Risk to Business: Extreme: On the heels of its massive cyber disaster a few weeks ago, Change Healthcare has fallen victim to a ransomware attack yet again. A threat actor new to the scene calling themselves RansomHub claims to have snatched 4TB of sensitive data from the organisation’s network. The bad actors claim to have obtained a variety of data including the personal identifying information (PII) of active US service members and other patients, medical records, insurance records, payment information and over 3,000 source code files for Change Healthcare technology.

 

Talk to a TCT team member today about implementing cyber security plan for your business.

Robert Brown
19/04/2024

Related Articles:
Google & Yahoo’s New DMARC Policy
Gamers Beware! Hackers are Targeting You