This Week In Cybersecurity | December 27 2024

blue light dots

Cybercriminals didn’t let up during the week of Christmas. Here’s your recap of this week’s headlines:

 

 

Duke Energy announced that an unauthorized third party may have gained access to customer information via their public website in May of this year.

While there is no indication that information such as passwords, financial data, or online profiles were leaked, account numbers, birth dates, contact and mailing information, meter numbers, and the last for digits of social security numbers and federal tax IDs were compromised. Since the incident, Duke Energy’s cybersecurity team has put advanced security measures in place and the company is offering a year of free credit monitoring services.

(–Source: WFTV9 on Yahoo! News
Read More: Duke Energy announces data breach that could effect some of the 8M customers ) 

 

 

US healthcare giant, Ascension, fell victim to a ransomware attack in May of this year in which the sensitive health information of 5.6 million patients was compromised by hackers.

The attack caused disruptions across its hospital system, resulting in errors and delayed and lost lab results. The hacker group responsible stole medical information relating to patients, payment information, and personal information including names, addresses, birth dates, and identity document information.

(–Source: TechCrunch on MSN
Ransomware attack on health giant Ascension hits 5.6 million patients ) 

 

 

The Coffee Bean & Tea Leaf recently detected suspicious activity within its network, leading the company to investigate. The investigation entailed that an unauthorized third party had had access to the system beginning as early as June of this year.

During this incident, the personal information of customers was compromised, including names, social security numbers, birth dates, legal document numbers, financial account information, and medical information.

Data breach notification letters have been sent to affected individuals.

(–Source: JD Supra
Read More: The Coffee Bean & Tea Leaf Provides Notice of Recent Data Breach | Console and Associates, P.C. – JDSupra ) 

 

 

On December 19th, Pittsburgh Regional Transit was hit with a ransomware attack that temporarily disrupted rail service. 

The discovery of the attack immediately alerted the company’s Cyber Incident Response Team, law enforcement, and third-party security experts, launching an investigation. The investigation is still ongoing and other rider services have been intermittently impacted as of Monday. As the investigation continues, it’s still currently unknown if sensitive data was compromised by the attack.

(–Source: CBS Pittsburgh on MSN
Read More: Pittsburgh Regional Transit investigating cybersecurity incident ) 

The Resource Hub

Get Complete Managed Services Insights

Visit our Resource Center for up-to-date news and stories for technology and business leaders.

Three IT Service Techs Working together at desks in office

Move Forward with IT Services for Business

Use managed services for small and mid-sized businesses that help you reach your goals.

Work With Us