HamBURGLARS & Hackers play mind games

In this week's Cyber Weekly:

1. HamBURGLARS
2. Hackers play mind games
3. 9 months of secrets
4. Imagine every victim sued?
5. In case you didn't know

Thanks to all 10,902 subscribers. It really takes a community to fight against cyberattacks. By sharing these newsletters, we can reach more people and help others from becoming a statistic. Simply like the post or share in the top right corner.

Also, follow me on LinkedIn for daily cyber security discussions >> Luigi Tiano.

1.HamBURGLARS

‍

The restaurant chain, Five Guys, got breached in September 2022. The fast-food restaurant employs 5000 people worldwide. It seems like the hackers accessed a single file server with no lateral movement. As a result, they are assuming the attack is financially motivated. The personal information stolen was focused within the human relations department. The number of people affected by the attack is unknown as information from employee candidates were also stolen. The number of applicants worldwide is unknown. Information stolen includes name, social insurance number and address. This is not the first time Five Guys gets hacked. (darkreading)

‍

My thoughts: At risk of repeating myself, companies who get hacked are likely to become victims again. My favorite part of the article. “With Five Guys pulling in close to $2 billion in revenue, I’d be interested to see what their cybersecurity spend was." Also worth mentioning, although collecting personal information during the interview process is a must, companies need to have an “expiry date” put on data from individuals who are no longer candidates.

‍

2. Hackers Play Mind Games and Speak Directly to the Victims

‍

A liberal arts school in Illinois, Knox College, was hacked on Dec 12, 2022. The ransomware group, Hive, is said to be behind the attack. Instead of “proving” that they went through with the attack by releasing evidence, they emailed the students directly. The email taunted the students saying the following:

‍

“We have compromised your collage networks,” the email said, written in the kind of broken English common among international ransomware hackers. “The data we have includes your personal information, medical records, psychological assessments, and many other sensitive data.

‍

Additionally all of your SSN and Medical records will be put for sale, for every hacker to gain access and use your data in whatever illegal activity they want,” the hackers wrote. “To us, this is a normal business day. For you, its a sad day where everyone will see your personal and private info.” (nbcnews)

‍

My thoughts: There is speculation that the hackers reached out to the students so they would put pressure on the school to pay the ransom. It’s not often (frankly really rare) where hackers reach out to the victims directly. An interesting approach of attack by adding a layer of phycological pressure augmenting potential anxiety related to the situation. These criminal gangs will stop at nothing to scare their victims into paying.

‍

3. 9 months of secrets

‍

Maternal and Family Health Services in Pennsylvania was hit back in April 2022. Patient information was compromised including names, birthdays, addresses, social security numbers, usernames, passwords, driver’s license numbers and medical details. There were no details on why the non-profit took nine months to let their patients know of the breach. The number of past and current patients affected is unknown. There are also reports that the actual incident took place in August of 2021, one year before they discovered the incident. (scmagazine)

‍

My thoughts: Why such a long time to report and acknowledge the breach. If they did have a cyber insurance policy, one of the questions would surely be, have you suffered an attack in the last year. Gross negligence or pure ignorance. You be the judge. If you don’t have the budget to fully protect your enterprise, start with endpoint management. It’s ideal to know when unauthorized parties are in your environment.

‍

4. What if every victim sued?

CommonSpirit is one of the largest hospital operators in the country. They have over 142 hospitals and 2200 care sites across 21 states. They were breached just a month ago. However, this year, we found out that one of the institution’s patients is filing a lawsuit against them. This patient is one of 623,000 people that were affected by the breach. The patient’s name is Leeroy Perkins from Washington state. He alleged that the health system failed to implement basic data security measure to protect patient health information. (healthcaredive)

‍

My thoughts: If more people sue companies that don’t properly protect their data, companies would take cyber security more seriously. Imagine all 623,000 patients sued!

‍

5. In case you didn't know...

‍

I started Assurance IT with my childhood friend Ernesto Pellegrino in 2011. Our mission is to help 100,000 companies become cyber resilient through our services and free content. We focus on helping mid-sized organizations with data protection and data privacy. Our primary services include: endpoint management, cloud backup, DRaaS, Microsoft 365 backup, and Quebec's Law 25 training.

‍