This Week In Cybersecurity | November 29 2024

finger print mfa 3D element

Even with this week’s Thanksgiving holiday, cyber criminals took no time off. Let’s recap some of this week’s cybersecurity news.

 

Blue Yonder, a cloud services provider based in Arizona was hacked over the weekend, causing an outage affecting the businesses it serves. Starbucks uses Blue Yonder software to manage barista schedules and pay their employees, and this outage caused them to have to do things manually while the outage was being investigated and serviced.

Other customers of Blue Yonder felt the effects as well as many corporations use their services to manage their supply chains. The company is currently working with its customers to mitigate the impacts and has hired CrowdStrike to assist with recovery from the attack.

(–Source: CNN on MSN
Read More: Starbucks forced to pay its baristas manually because of a ransomware attack on third-party software ) 

 

 

In 2020 and 2021, Geico’s online quoting tool was exploited by hackers, allowing them to gain access to 116,000 individual’s driver’s license numbers, which can be used in identity theft schemes.

In 2021, Travelers Indemnity Company also experienced a breach in which hackers stole the sensitive data of 4,000 individuals by using stolen employee credentials and easily gaining access to the system thanks to the lack of MFA.

Both companies are now being fined for violating New York’s cybersecurity standards by leaving their systems vulnerable to attack. Geico is being fined $9.75 million and Travelers is being fined $1.55 million.

(–Source: Forbes
Read More: Geico And Travelers Fined 11.3 Million For Data Breaches Exposing 120,000 ) 

 

 

Major hospice-dedicated pharmacy, OnePoint Patient Care, detected a data breach in August of this year that compromised sensitive personal information of patients including addresses, medical records, social security numbers, and more. Ransomware gang, INC Ransom, claimed responsibility of the breach in September and demanded ransom. OPPC allegedly did not pay the ransom, resulting in INC Ransom leaking the stolen data.

OPPC is offering a year of free identity protection and credit monitoring to affected patients. It’s estimated that 1,741,152 individuals has their information compromised in this attack.

(–Source: CyberNews
Read More: OnePoint Patient Care breach affects 1.7 million people | Cybernews ) 

 

 

Early on Wednesday morning, Hoboken, NJ had several of its city services shut down or compromised due to a ransomware attack. City Hall, the city’s Municipal Court, and even services such as street sweeping were suspended as a precaution.

The incident is being investigated by The Hoboken Police Department and other city and IT officials.

(–Source: NJ.com on MSN
Read More: Cyber attack shuts down N.J. city’s government ) 

The Resource Hub

Get Complete Managed Services Insights

Visit our Resource Center for up-to-date news and stories for technology and business leaders.

Three IT Service Techs Working together at desks in office

Move Forward with IT Services for Business

Use managed services for small and mid-sized businesses that help you reach your goals.

Work With Us