It was never like this in WarGames.
The 1983 cyber thriller starring Matthew Broderick imagined a world where computers could either initiate global thermonuclear war or play a game of chess. However, WarGames stopped short of imagining a world where wars get fought entirely online. Today, attacks get initiated with keystrokes and viruses rather than launch codes and missiles. Unfortunately, the collateral damage in this cyber war could be your small to medium-sized business.
In retaliation for attacks on oil tankers and an American drone, as well as ongoing attacks from Iranian hackers, Pres. Trump recently authorized a cyber attack on Iran’s military command and control systems. Iran claims that the American attack was unsuccessful. Whatever the case, many cyber security experts expect Iranian hackers to retaliate against American businesses.
Iranian Hackers Targeting American Businesses?
This revelation comes amid news that Iranian hackers are already aggressively targeting the American electrical grid. Meanwhile, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency started warning American businesses to watch out for cyber attacks from Iranian hackers. CISA Director Christopher Krebs highlighted some of the preferred attack methods of Iranian hackers. These methods include:
- Password spraying
- Data wiping malware
- Credential stuffing
Of course, the Department of Homeland Security has its own cyber security issues. A federal cyber security report recently revealed that DHS still runs Windows XP and Windows 2003 on various systems. This despite the fact that those operating systems reached their end of life deadline years ago. The report also found that DHS did not properly manage security patches for the last decade.
Closer to home, Texas became the latest state to update its data breach notification laws. Texas Gov. Greg Abbott signed HB 4390, which requires breached organizations to notify affected customers within 60 days. Meanwhile, a competing bill that sought to create a stronger consumer privacy law similar to CCPA stayed in committee.
Of course, more threats to your data protection and network security exist besides Iranian hackers. Without any further ado, here are the top data breach news stories for the second half of June. Keep reading to learn more about cyber incidents involving Illinois eye care centers, a California patient care clinic and a Michigan bakery.
U.S. DATA BREACH NEWS (June 16-30, 2019)
Health IT Security: AMCA files for Chapter 11 bankruptcy
Updating an ongoing data breach story from last week. The parent company of the American Medical Collection Agency filed for Chapter 11 protection. An eight-month-long hack at this third-party medical billing company caused the breach of personal, financial and health data related to 20 million patients. According to court documents, AMCA is looking to liquidate assets and liabilities “worth up to $10 million.” The company already spent nearly $4 million mailing out breach notices to victims.
Along with the request for bankruptcy came news that AMCA plans to lay off 78 percent of their employees. This mass firing cuts the AMCA workforce down from 113 to 25 individuals.
Go Erie: SAT answers leaked from overseas
National Center for Fair & Open Testing, or FairTest, announced that a data breach leaked answers from a June 1 SAT Biology exam. The test answers circulated on Internet sites, most notably Reddit, for a day before getting removed. This breach marks the fourth time that FairTest received advanced copies of an SAT exam from foreign sources.
Lansing State Journal: Breadsmith cyber attack in Okemos affects bread supply for Kroger stores
Not even our daily bread is safe from hackers anymore. A malware virus attack on Breadsmith did not affect any customer data. However, it did prevent the Michigan bakery from printing nutritional labels on their products. This cyber attack shut down sales to four Lansing-area Kroger grocery stores.
Notices were sent to people potentially affected by a data breach in January of this year. The Oregon Department of Human Services plans to provide 12 months of identity theft monitoring and recovery services to affected individuals. Nine Oregon DHS employees opened a phishing email, allowing the hackers to launch a cyber attack.
This online food and ordering service, which operates in 38 states and the District of Columbia, suffered a data breach that also affected restaurant and delivery partners. The data breach exposed personal data included PCI (Payment Card Information) such as card numbers, expiration dates, verification codes, billing addresses, email addresses and phone numbers.
Dark Reading: Cost per cyber attack jumps to $4.6m in 2019
Cyber attacks cost $3 million per incident in 2018, but that number jumped up 50 percent so far in 2019. The percentage of attacks costing $10 million or more has nearly doubled, going from 7 percent last year to 13 percent this year. Meanwhile, 70 percent of senior executives in North American and Europe say their organization suffered a cyber attack within the previous 12 months.
Add Riviera Beach, Florida, to the list of American cities that have been held hostage by a malicious ransomware attack. After hackers encrypted city systems and records, Riviera Beach officials elected to pay a $600,000 ransom. City officials also agreed to spend over $1 million on new computers and improved cyber security. Federal law enforcement agencies continue to investigate the attack.
Right on the hells of the Riviera Beach story came news that another Florida small town was about to pay a hefty to sum to hackers. After a June 10 “triple threat ransomware attack” shut down the city’s email and prevented people from paying bills online, Lake City officials agreed to pay $460,000 to get back into the system. The attack started when a city employee opened an infected email. Lake City Mayor Stephen Witt claims that the city’s cyber insurance policy will cover all costs except for the $10,000 deductible. However, the Lake City IT Director got fired in the fallout.
If that’s not enough, right after the Riviera Beach news broke, a third Florida city reported a data breach. The Village of Key Biscayne, a community with only 3,000 residents, discovered a “data security event” on June 24. City officials are still working to determine the cause and scope of the data breach.
Meanwhile, on the other side of the country, the city of Sun Prairie, Wisconsin (population: 33,000), posted notice of a data breach on June 25. The data breach involved “unauthorized access to an employee’s email account,” and it lasted from January 16, 2019, through March 6, 2019. Information within the affected email accounts may include Social Security numbers, drivers license or state ID number, medical information and payment card information.
SC Magazine: Ransomware attack on software company ResiDex may have exposed data on assisted-living residents, workers
This breach relates to an April 2019 cyberattack that infected third-party software company Tenx Systems, a division of ResiDex Software, with ransomware. The attack on Minneapolis-based ResiDex, which provides software to facilities and organizations that support seniors and the disabled, potentially exposed information such as medical records, names and Social Security numbers.
Over the last decade, almost 1,500 data breach incidents got reported from companies headquartered in California. The California cyber attacks collectively exposed 5.6 billion personal records. That accounts for over half of the 10.7 billion personal records exposed by American data breaches since 2008. In all, U.S. business data breaches in the last decade cost a whopping $1.6 trillion.
It turns out that even the country’s leading scientific minds tend to skimp on critical cyber security measures. A security breach at the National Aeronautics and Space Administration allowed hackers to steal data related to “major missions systems.” Two of the files contained information on the Curiosity rover mission to Mars. The hack on NASA’s Jet Propulsion Laboratory persisted for 10 months before it got discovered.
Marin Independent Journal: Marin Community Clinics hit by ransomware attack
The cyber attack locked employees out of the company’s computer system for several days. Marin Community Clinics managed to handle patient care on paper, but the business still elected to pay all or part of the ransom to the hackers.
While Marin Community Clinics claims that no patient data got compromised in the attack, it is difficult to verify the claim at this stage. As always, the danger in paying a ransom to hackers is that you have no guarantee of getting your data back.
WJHG-TV News: Local police officer stops cyberattack in Mexico Beach
While officials in Riviera Beach, Florida, elected to pay a $600,000 ransom, smart work by a police officer in the Florida panhandle town of Mexico Beach saved the city an untold sum. When a ransomware attack hit Mexico Beach in early April, it locked city officials out of the computer network.
Rather than panic, though, Sgt. Alex Foster of the Mexico Beach Police Department sought the advice of IT professionals. One of those professionals directed Sgt. Foster to a cyber security company that was able to decrypt the files and get Mexico Beach back online. The company also helped Mexico Beach install basic cyber security measures like firewalls and antivirus protection.
Invision Magazine: Eyecare centers report data breach
JFJ Eyecare Ltd., the parent company of Quantum Vision Centers and Eye Surgery Center LLC, announced that some systems were accessed by a hacker. The company became aware of the security incident on April 18, and it recently mailed letters to affected individuals. Protected health information accessed in the attack includes patient names, dates of birth, home addresses, social security numbers and information on health insurance coverage. The company is headquartered in Belleville, Illinois.
Virginia-based dental and vision insurance provider and administrator Dominion National started sending notifications to patients about a data breach that started in Aug. 2010. The investigation into the incident started in April of this year, and it revealed an ongoing, nearly decade-long security breach. Exposed patient information included names, addresses, email addresses, dates of birth, Social Security numbers and taxpayer identification numbers.
Over 2,000 Northwest Indiana patients recently received data breach notification letters from health care services provider Franciscan Health. Personal information accessed “without a business reason” by a Franciscan Health employee included names, addresses, email addresses, dates of birth phone numbers and more. The employee who accessed the files was fired by Franciscan Health following a May security audit.
The Exponent Telegram: Harrison, WV, County Clerk’s Office still reeling after cyberattack
A June 13 cyberattack on the government of Harrison County has proved especially debilitating to the County Clerk’s office. Hackers encrypted the Harrison County system as well as the data backups, and the county lost documents dating back to the 18th century in the process. Over two weeks after the attack, all business at the County Clerk’s Office is still being done by hand. The office cannot even issue new marriage licenses until they catch up on backlogged paperwork.