Security Breach – 31 May 2024

security hygiene

Security Breach – 31 May 2024

Phishing attacks remain one of the most pervasive and damaging cyberthreats in the business world. Innovative delivery models like Phishing-as-a-Service (PhaaS) play a significant role in contributing to the rising tide of phishing attacks. Phishing-as-a-Service (PhaaS) is a delivery model where phishing attacks are packaged as a service, similar to legitimate Software-as-a-Service (SaaS) offerings. PhaaS enables even non-tech-savvy cybercriminals to launch sophisticated phishing attacks with little upfront investment, leveraging tools and services provided by a phishing service provider. The impact of PhaaS in the business world is profound as it democratises the tools necessary for cyberattacks, leading to an increase in phishing incidents that can jeopardise sensitive data and financial security.

Recent Breaches

Australia – Advance Press – Printing company

Exploit: Data breach

Risk to Business: Severe: Ransom House, a relatively young threat group believed to have first emerged in December 2021, listed the Western Australia-based printing organisation on its site, claiming to have stolen “about 300Gb of data”. This includes employment contracts, résumés, insurance documents, expenses, budgets, profit and loss margins, and more. Cyber Daily reached out to Advance Press, which decided not to provide further comment.

United States – Cencora – Pharmaceutical Services Provider

Exploit: Hacking

Risk to Business: Extreme: 11 major drug companies have disclosed that they have suffered a data breach as the result of a February 2024 hacking incident at pharma services giant Cencora. The impacted companies include Bayer Corporation, Novartis Pharmaceuticals, Regeneron Pharmaceuticals, AbbVie, Incyte Corporation, Genentech, Sumitomo Pharma America, GlaxoSmithKline Group, Acadia Pharmaceuticals and Endo Pharmaceuticals. The California Attorney General’s Office said in a posting that Cencora had determined in an investigation that ended in April 2024 that patient data that Cencora retained for each of those companies including a patient’s full name, address, health diagnosis, medications and prescription data was accessed by bad actors. Cencora is offering recipients two years of free identity protection and credit monitoring services through Experian.

Talk to a TCT team member today about implementing cyber security plan for your business.

Robert Brown

Related Articles:
How to Properly Deploy IoT on a Business Network
What Is SaaS Ransomware ?