Round Up of Major Breaches and Scams
Mercy Iowa City hospital this week reported that an internal email compromise and phishing email incident led to the exposure of personal information of some 60,473 individuals. An attacker had compromised a hospital employee’s email account and sent out phishing emails between May 15 and June 24, 2020. This ultimately led to the exposure of recipients’ names, Social Security numbers, driver’s license numbers, dates of birth, medical treatment information, and health insurance data.
Canada Centre for Cyber Security warns of risks related to state-sponsored programs from China, Russia, Iran, and North Korea. A report published by the Canadian Centre for Cyber Security, titled “National Cyber Threat Assessment 2020,” warns of risks associated with state-sponsored operations from China, Russia, Iran, and North Korea.
Microsoft has launched Office 365 priority protection for accounts of high-profile employees such as executive-level managers who are most often targeted by threat actors. The new feature was added to Microsoft Defender for Office 365 (previously known as Office 365 ATP) which provides enterprise accounts with email threat protection from advanced threats including business email compromise and credential phishing, as well as automated remediation of detected attacks.
A Florida man was sentenced to 37 months in prison earlier this week for his involvement in a business account takeover (also known as corporate account takeover) scheme that resulted in more than $9 million in total financial losses.
Round Up of Major Malware and Ransomware Incidents
The Mount Locker ransomware operation is gearing up for the tax season by specifically targeting TurboTax returns for encryption. Mount Locker is a relatively new ransomware operation that began infecting victims in July 2020. Like other human-operated ransomware gangs, the Mount Locker gang will compromise networks, harvest unencrypted files to be used for blackmail, and then encrypt the devices on the network.
An Oregon county hit by wildfires and a fall surge in Covid-19 cases is now dealing with the fallout from a cyber-attack. Jackson County’s website is currently down following a recent ransomware attack on the county’s web-hosting service provider, Managed.com. The company took down all its servers on Monday after reportedly becoming the latest target of REvil.