Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

October 2023

Five Guys Employee Email Breach: SSNs Stolen

Five Guys Enterprises, LLC oversees the management of services delivered by “Five Guys,” a national restaurant chain throughout the US. The restaurant is available in more than 1,450 locations, 900+ cities, and every state (except Alaska). Their prominent location distribution and policy of every order being “served to go” makes Five Guys a top contender for dinner; however, now, their prosperous history may be at risk following a data breach stemming from their employees.

University of Michigan Suffers Massive Data Breach Following Network Hack

The University of Michigan (UM) hosts more than 55,000 students, 35,000 staff members, and 640,000 alums. Unfortunately, following a recent cybersecurity breach, students, applicants, alums, employees, contractors, and donors may now have information at risk. The extent of the exposure is unknown, but the outcome could impact anyone. Those in association with UM must take steps to guard themselves before the assailants can misuse their information.

Weekly Cybersecurity Recap October 27

This week, many institutions were targeted for attacks, impacting thousands differently. In the northeast of the US, New York’s gambling scene suffered an attack, downing casinos across the state. In the South, hackers attacked Florida’s Akumin clinics, exposing patient data. In Pennsylvania, the City of Philadelphia suffered from leaking the information of city email owners.

Revival Animal Health Network Announces Third-Party Data Breach

Headquartered in Orange City, Iowa, Revival Animal Health delivers business solutions for pet-oriented care and service providers; they offer pet healthcare products and animal supplies to pet professionals and individual pet owners. One way they provide services is via the e-commerce host CommerceV3. Revival Animal Health recently announced that CommerceV3 suffered a vulnerability, exposing 66,574 customer records.

City of Philadelphia Announces Hack, Potentially Exposing City Emails

Philly is the most populous city in the United States, hosting more than 1.5 million residents within its borders. The City employs around 30,000 people, fulfilling over 1,000 job categories. Recently, the City discovered suspicious activity within its email system, leading to potential information exposures of those with accessible accounts. If you have a city email account, your information could be at risk for misuse.

Radiology and Oncology Clinic, Akumin, Suffers Ransomware Attack

Akumin is a radiology and oncology clinic based in Florida with multiple locations. Last week, three of their South Florida locations shut down their computer systems to hobble a ransomware cyberattack. The downtime significantly impacted the three clinics, as the doctors could not complete patient assessments. Recent patients in the area should consider protective monitoring services to help mitigate potential outcomes from the attack.

Casinos Throughout New York Go Dark Following "Cybersecurity Event"

New York state’s video lottery gaming system receives management by Everi Holdings—a Las Vegas-born licensing operator; the New York State Gaming Commission (NYSGC) battled a cybersecurity event impacting casinos across the state last week. In 2020, the NY Council on Problem Gambling (NYCPG) published a report implying that 32% of residents were recreational or problem gamblers; if the report is accurate, over a million people could be at risk following the cybersecurity event.

AIDS Alabama Announces Breach, Patient Information Accessed by Cyberattack

AIDS Alabama Incorporated (AAI) serves over 8,000 Alabama residents, assisting them with emotional and medical support where possible. They are a clinic of humanitarian advocates, helping community members with housing and food; AAI is also an outspoken supporter of Black Lives Matter, substance abuse help, and preventative education. Your data may be at risk if you’ve received services or assistance from AAI.

Weekly Cybersecurity Recap October 20

This week, we noticed increased targeting of medical information; surgeries, health centers, and clinics were all made victims by successful hacking plots. The most recent attack involved Chicago’s Cook County Health. Alabama and Virginia also had specialized assaults, resulting in three data breaches across the states. Shadow PC also suffered a breach, which may have put thousands of gamers around the globe at risk.

Another Medical Information Breach Out of Chicago, Notifications Begin

Chicago’s health providers are prime targets for opportunistic hackers; Cook County Health is the most recently discovered victim of a cyber assault. Assailants took advantage of a third-party medical transcription service Perry Johnson & Associates, Inc. (PJ&A) provided. The attack targeted PJ&A’s systems, resulting in the exposure of numerous patient records. If hackers accessed your information during the breach, there’s still time to protect yourself.

Facial and Dental Specialist, Fairfax, Announces Leak; 235,000+ Victims

Fairfax Oral and Maxillofacial Surgery serves the residents of Northern Virginia and the surrounding region. They employ a ten-person surgery team with six locations. Fairfax has been the target of a data breach, creating over 235,000 potential victims; your information may be at risk if you’ve been a patient of an associated facility.

Decathlon Partner Data Breach from 2021 Returns with 8,000+ Exposures

Decathlon is a global sporting goods retailer with over 100,000 employees and 1,700+ storefronts worldwide. In 2022, Decathlon reported 15.4 billion euros of net sales revenue, shared with 55,000 shareholding teammates. However, Decathlon suffered a significant data leak a year before its substantial revenue report. Credentials from that attack have resurfaced recently, putting the private information of nearly 8,000 individuals at risk.

Windows Gaming Host, Shadow PC, Attacked via Malicious Software

Shadow PC is a Paris-based gaming host with thousands of clients in Europe and the US. Shadow’s service allows video games with high resource consumption to run on old software; this is made possible by Shadow’s ability to open a virtual computer. The virtual computer takes the onus of running games, allowing even incompatible computers to run game software. Shadow PC’s services are cloud-based, which should allow up to 100,000 users to play on their servers simultaneously.

International Travelers at Risk Following Air Europa Credit Card Hack

Air Europa is a Spanish airline that serves travelers from all over Europe, North America, the Caribbean, and Tunisia. The airline welcomes over 430 million fliers each year, with 10,000+ daily flights across the globe. Following a recent hack, some consumers may have had their credit card information stolen. Very little is public about the cyber incident, meaning any traveler could be at risk.

Weekly Cybersecurity Recap October 13

This week, threat actors targeted the vital aspects of many companies characterized by their robust cybersecurity. 23andMe got hit early on, suffering demographic and relationship exposures that may target Ashkenazi Jews and Chinese descendants. The D.C. Board of Elections was also targeted, potentially exposing the voter information of 600,000+ individuals. Flagstar Bank and Air Europa also suffered, leaking the payment information of their trusting consumers.

Florida Courts Bleed Data Following Supposed BlackCat Ransomware Assault

Florida’s First Judicial Circuit hosts 33 courts in the Northwest of the state. The region serves over 1.4 million residents, most of whom live within areas heavily impacted by the military. Last week, the Florida Courts suffered a data breach, which halted operations across the district starting on October 2nd. In the last 72 hours, ransomware gang BlackCat has claimed responsibility for the assault—and may be holding the credentials for ransom.

Hackers Break into Flagstar Bank via Fiserv and MOVEit Vulnerabilities

Flagstar Bank is one of the largest national banks in the country. They operate over 430 branches and 120 banking teams from coast to coast. Flagstar is also the nation’s second-largest mortgage warehouse lender, servicing over 1.6 million accounts. Flagstar Bank’s conglomerate is based in New York, while their servicing is in Michigan. Flagstar oversees billions of dollars in loans, deposits, assets, and equity.

Voter Information Stolen in D.C. Board of Elections Data Breach

The nation’s capital—Washington, D.C., hosts over 700k+ individuals along the shared border of Maryland and Virginia; within Columbia, an estimated 86.9% of inhabitants can actively vote. The D.C. Board of Elections (DCBOE) is an autonomous group overseeing elections in the area. They manage the voter registration process and manage ballot access for the public. However, D.C. residents are under threat following a recent data breach.

Opportunists Use 23andMe to Expose Jewish Ashkenazi Descendants Online

23andMe is a personal genome and biotechnology company that provides genetic reports to interested clients. 23andMe employs over 800 employees and operates in California. The company reported $299 million in revenues this year, but the figure will likely drop in the upcoming quarter; opportunists have accessed 23andMe’s systems, resulting in thousands of user records leaking online.

Weekly Cybersecurity Recap October 6

Cybersecurity experts work daily to protect the public from threat actors. This week, we learned about new threats to medical records and gas stations and received updated statuses. Nuance Communications was the most recent development in the ongoing MOVEit file breaches; this is a significant blow to the medical community in conjunction with the other medical targets this week, HCA Healthcare and Community First Medical Center.

Chicago Medical Center Notifies 216k+ Patients Following Hacker Data Breach

Community First Medical Center (CFMC) is a medical and nursing facility that serves Chicagoland and Illinois broadly. They employ over 300 individuals who preside over a 299-bed hospital campus. Originally named Our Lady of the Resurrection Hospital, CFMC provides community-focused healthcare, diagnostics, and treatments. If you have received services from CFMC, your private information might have been stolen in a recent data breach.

HCA Healthcare's Hacking Catches the Attention of the Department of Health and Human Services

HCA Healthcare is a national and international healthcare service provider. Their services span over 180 hospitals and thousands of clinics across 20 states. They also offer services in the United Kingdom called HCA UK. Around the world, more than 290,000 people work for HCA; their payrolls include the staff of surgery and urgent care centers, imaging and physician clinics, and more. Back in July, HCA Healthcare suffered a hack exposing the data of more than 11 million Americans.

Opportunists Sneak into Darkbeam: 3.8 Billion Usernames and Passwords Exposed

Darkbeam is a top-performing cyber vulnerability and threat management provider with less than 25 employees. The company has reported over $1 million of revenue in recent years, with numbers as high as $5 million. Their recent acquisition by ApexAnalytics will hopefully increase these statistics, but numbers mean nothing if Darkbeam cannot rebuild its reputation. Darkbeam is the most recent company to suffer over 3 billion records stolen during a data breach.

$3,000 of Gas Stolen from Hacked Pumps in Detroit

Detroit is Michigan’s largest city, hosting a population of more than 630,000 people. The area is called “Motor City” for its contributions to the automobile industry in the 1950s. More than 2.8 million cars belong to Detroit residents—and gas prices have reached a $3.72 gallon average. More cars are on the roads than ever before, but the cost of running them is taking its toll.

MOVEit Hackers Intercept Data and SSNs from Nuance Communications

Nuance Communications is a Microsoft-owned software solutions provider employing more than 6,500 people. Nuance controls industry-defining AI, which professionals may use to fully automate tasks, such as entering and manipulating medical records. Many of Nuance’s clients are hospitals, clinics, and health centers in the southeast of the US; those who have received medical services in these areas are now at risk following the most recent MOVEit data breach.