
Cybersecurity Breach Hits Global Software Developer PSI Software SE

 


According to a recent announcement, German software company PSI Software SE revealed that it fell victim to a ransomware attack, disrupting its internal infrastructure. The company, specialising in software solutions for energy suppliers worldwide, including control systems for operations, network utilisation, and energy trading, confirmed the incident on February 15. As a precautionary measure, PSI Software disconnected several IT systems, including email, to prevent potential data loss.

The attack was initially detected on the night of February 15, with the company noticing unusual activity in its network. To contain the threat, PSI Software swiftly shut down external connections and systems. Although the exact entry point of the cyberattack remains unknown, the company is actively investigating the incident.

The ransomware attack prompted PSI Software to work with the Federal Office for Information Security, seeking assistance for incident response and remediation efforts. Authorities were promptly notified, and since February 16, experts have been working closely with the company to mitigate the impact of the cyber incident.

Despite the disruption, PSI Software reassures its customers that there is currently no evidence suggesting the attackers breached customer systems. The focus remains on securing and restoring the company's internal infrastructure. The situation has raised concerns about the potential consequences of such attacks on critical infrastructure, given PSI Software's role in providing software solutions for major energy suppliers globally.

This incident highlights the growing threat of ransomware attacks targeting critical infrastructure and how crucial it is to adopt robust cybersecurity measures. As businesses increasingly rely on digital systems, the risk of cyber threats becomes more significant. PSI Software's proactive response in disconnecting systems and collaborating with cybersecurity experts demonstrates the urgency and seriousness with which companies must address such incidents.

Cybersecurity experts emphasise the need for organisations to adopt comprehensive security measures, including regular system audits, employee training on recognising phishing attempts and implementing strong network security protocols. The investigation into the PSI Software SE ransomware attack serves as a reminder for businesses to be conscientious and proactive in safeguarding their digital assets.

This ransomware attack on PSI Software SE, a global player in critical infrastructure software development, highlights the fluid and emerging nature of the threats confronting businesses. As cybersecurity incidents become more sophisticated, organisations must prioritise robust security measures to protect against potential disruptions and data breaches. The cooperative engagement with cybersecurity authorities underlines the need for a unified effort to minimise the repercussions of such attacks. It further stresses the critical significance of adopting a well-informed stance towards cybersecurity in the contemporary digital era.


FlexBooker Breached, Over 3.7 Million Impacted

 

A cybercriminal group that identifies itself as Uawrongteam has compromised accounts of more than three million users of the U.S.-based FlexBooker – a popular online appointment scheduling platform that allows customers to schedule appointments ranging from counseling to haircuts.

The same intruders are offering data on hacker forums from FlexBooker along with other databases compromised on the same day, belonging to Racing.com and Redbourne Group’s rediCASE case management software, both from Australia. 

According to the reports, the compromised data that has been published on malicious websites includes IDs, photos, and driver’s licenses. The stolen database also contains customer information such as names, phone numbers, emails, hashed passwords, and password salts.

The organization has already alerted local authorities and sent notifications to its customers, explaining that its Amazon AWS servers have been breached by a distributed denial-of-service (DDoS) attack. FlexBooker customers include the brands Chipotle, GoDaddy, Bausch + Lomb, and Krewe.

“After working further with Amazon to understand what happened, we learned a certain set of data, including personal information of some customers, was accessed and downloaded,” the company said. Meanwhile, Nasser Fattah, a cyber security expert, warned that the attack might not be over. 

“We know that there are financial losses associated with system outages, hence, why security teams have all eyes on glass, so to speak, when there is a DDoS attack…,” Fattah explained on Friday. “…And when this happens, it is important to be prepared for the possibility of a multifaceted attack and be very diligent with monitoring other anomalies happening on the network.” 

40M+ People had Health Information Leaked in 2021

 

This year, data breaches compromised the personal health data of almost 40 million people in the United States, a substantial increase from 2020 and a continuation of a pattern towards more and more health data hacks and leaks. 

Any health data breaches affecting 500 or more persons must be reported to the Office for Civil Rights at the Department of Health and Human Services, which makes the breaches public. As per the office's database, 578 breaches have been reported so far this year. Although this is less than the 599 breaches disclosed in 2020, the breaches last year only impacted approximately 26 million people. 

According to a survey from security firm Bitglass, hacking or other IT accidents have been the primary cause of people's health records being exposed since 2015. Before that, the majority of data breaches were caused by lost or stolen devices.

The transition occurred in line with the federal rules in the United States requiring healthcare companies to adopt electronic medical records, as well as a broader shift toward digital instruments in healthcare, such as internet-connected monitoring. On the black market, medical records are valuable because they contain information that is more difficult to alter than a credit card and can be used to establish false medical claims or acquire medications.

Patients may be harmed in several ways as a result of these breaches: their personal information may be revealed, and they may be forced to cope with the financial consequences of having their medical identity stolen. 

Hacking and attacks on healthcare institutions that shut down hospital computer systems might make it more difficult for hospitals to provide high-quality care, which can be hazardous to patients. According to research, more people die in hospitals as a result of data breaches, even if the incident does not result in a computer system shutdown. 

Although the risk of cyberattacks is increasing, many healthcare companies have not prioritised cybersecurity investment. A cyberattack on the Florida Healthy Kids Corporation health plan, for instance, resulted in the exposure of 3.5 million people's personal data in 2021. 

According to Health News Florida, an investigation conducted following the hack revealed that the plan's website had "significant vulnerabilities." However, experts suggest that the increase in attacks in 2020 and 2021, notably in ransomware attacks, is driving companies to take the threat more seriously.

Vestas Shuts IT Systems in Response to Cyber Security Incident

 

Vestas Wind Systems, a global leader in wind turbine manufacture, has shut down its IT systems after a cyberattack. 

Vestas is a prominent North American wind turbine producer, installer, and service provider, with 40,000 MW installed and 36,000+ MW under service in the United States and Canada.

The company stated that on Friday, November 19th, they were attacked, compelling them to shut down IT systems across numerous business divisions and locations in order to prevent the attack from spreading. Customers, staff, and other stakeholders may be impacted as a result of the interruption, and some Vestas facilities have been compelled to reduce output. 

Vestas stated it's still trying to restore the integrity of its IT systems in a blog post published on the company's website, but it doesn't have a timeline for doing so. Vestas also admitted that some data had been breached, implying that the hackers had been able to steal data from the hacked systems. 

Vestas disclosed in a new statement, "The company's preliminary findings indicate that the incident has impacted parts of Vestas' internal IT infrastructure and that data has been compromised. At this stage, the work and investigation are still ongoing."

The corporation also stated that the impact on manufacturing, construction, and service has been limited. While Vestas hasn't specified what kind of hack they were hit with, the description resembles a ransomware attack.

The firm has been contacted by BleepingComputer for further information regarding the event and whether the hackers are seeking a ransom, but they are yet to get a response. 

Rising attacks on critical infrastructure 

Vestas employs 25,000 people and has production sites in 16 countries, with a revenue of over a billion USD each year. As countries accelerate the adoption of pollution-reduction policies and roll out renewable energy investment programs, Vestas has a crucial role in fulfilling such services. 

As a result, interrupting the manufacturing, installation, and maintenance processes might have a severe impact on regions that rely on wind turbines for power. Vestas was already dealing with supply chain challenges and rising material prices, so this cyberattack comes at an especially inconvenient moment. 

As ransomware gangs ramp up their operations in search of higher payments, critical infrastructure has become increasingly vulnerable to cyberattacks. Ireland's Health Service Executive, meat manufacturer JBS, and US gasoline pipeline Colonial Pipeline have all been targets of previous attacks on key infrastructure.