
December 2023

Weekly Cybersecurity Recap December 29

This week caps off our year of cyber breaches; in this week alone, we saw millions of records stolen, targeted health providers, mortgage servicers crumble, and the return of a year-old breach. ESO Solutions made the news first, reporting 2.7 million patient records stolen from their emergency response software. HealthEC was featured in our reporting soon after, announcing a 112k record data breach from their health analytics platform.

Paramount Parent Company, National Amusements, Announces Data Breach a Year Later

National Amusements (NA) is in Norwood, Massachusetts. They are the majority shareholder for media sources, including CBS, Viacom, and Paramount. They operate thousands of movie theaters nationwide, including Showcase SuperLux, Cinema de Lux, Showcase Cinemas, and Multiplex Cinemas. NA’s widespread ties to the entertainment and news cycles may have made it a target. In December 2022, NA suffered a network breach; its report is one of the last to appear in the final days of 2023.

Fidelity's LoanCare Announces 1.3 Million Borrowers' Records Exfiltrated

LoanCare is a sub-servicing entity that assists mortgage loan providers with finance and data functions; they service over 1.5 million customers across the states and beyond. Their operations include mortgage plans via banks, credit unions, and private firms. Fidelity National Financial (FNF) is LoanCare’s parent company, which recently became embattled following a cyberattack. As a result, LoanCare borrowers may have information at risk.

Welltok's MOVEit Breach Continues; Another 2 Million Records Harvested

Welltok provides a multi-use platform allowing institutions and individuals to manage their health and well-being. It is a third-party solution that caters to clinics, health networks, industry leaders, and private clinics. They also offer personalized resources and solutions meant to improve the health and lives of applicable patients.

112k Records Stolen from Population Health Analytics Platform, HealthEC

HealthEC (HEC) is an analytics and AI-assisted solution that siphons all relevant information about patients into cohesive packages. Their tech can identify high-risk patients and their barriers to optimal care while providing options to close these care gaps. The data comes from healthcare systems and integrates with claims data to represent the patient best.

Ransomware Criminals Steal 2.7 Million Records from Emergency Software

ESO Solutions is a primary software developer and analytics platform for emergency and associated services; its programs connect emergency response agencies, fire departments, hospitals, and state response offices. ESO collects and disperses data between the services, giving responders the most complete information.

Weekly Cybersecurity Recap December 22

This week was devastating for data breaches. Across the US, cybercriminals stole the information of 58.4 million consumers, patients, and students. Our reports began in West Virginia, where the MOVEit breach cannibalized another 495k records from 17 hospitals. Soon after, Mr. Cooper’s breach appeared with more information about their October event—14.7 million homeowners had their data stolen.

Xfinity Writhes; 36 Million Records Breached via Vendor Vulnerability

Xfinity is the name of Comcast Communications’ internet, TV, and phone service; it is the most significant cabled internet service in the states, with more than 32 million residential customers. Available in 39 contiguous states and the capital, the service provides communication solutions for individuals, companies, institutions, and clinical networks. Xfinity’s vast influence has made them a target for cybercriminals.

14.7 Million Homeowners Exposed in Nationstar Mortgage/Mr. Cooper Event

We reported on Mr. Cooper—one of the nation’s largest mortgage providers—a month ago. Mr. Cooper was featured as they dealt with the throes of a cybersecurity event. The attack disrupted their networks and caused homeowners to avoid payment dues temporarily. Back then, the consequences of the attack were unclear. Subsequently, the public was left to speculate about the event’s impact. Preliminary investigations have concluded, and the impact figure is massive.

New Details Provided for 270k Records Leaked in National Student Clearinghouse MOVEit Event

The National Student Clearinghouse (NSC) is a provider of comprehensive skill sets; they work to better prepare students for success through grade school and during the transition into the workforce. Dubbed “the K-20 to Workforce Continuum,” NSC’s services have assisted thousands of individuals in achieving academic and career distinctions. These same individuals may now be at risk for information misuse, however. The NSC is another victim of the global MOVEit data breach event.

MOVEit Claims 7 Million More; Patients of Delta Dental of California and Others

Delta Dental of California (DDC), Delta Dental Insurance Company, Delta Dental of Pennsylvania, and other subsidiaries may have exposed data; the compromised data is not a product of the organizations. Instead, the breach stems from a third-party servicer specializing in file management and transferring tools—MOVEit.

Best Practices to Prevent E-commerce Fraud

Roughly 20 percent of all retail sales occur online. This statistic may sound lukewarm now, but e-commerce is rapidly becoming the lion’s share of global transactions. However, the model’s incredible growth also provides criminals ample opportunity to steal from online businesses. The absence of a physical location removes much of the criminal’s risk, and new strategies constantly pop up. A robust fraud prevention strategy should cover the majority of business operations.

Embezzlement: Definitions and the Anatomy of Financial Fraud

Embezzlement is an internal crime that someone commits against their organization. The perpetrator's inside knowledge helps them avoid detection and clean up the evidence. It's a problem that can spiral out of control and cause massive damage to an organization's public face. Identifying the warning signs of embezzlement and acting quickly is essential to preventing the worst-case scenario.

Exploring the Pros and Cons of Purchasing Cryptocurrency with PayPal Wallet

The explosive growth of cryptocurrencies was nothing short of extraordinary. Even the most doubtful among us couldn’t help but put a few dollars in to see what would happen. The phenomenon gave rise to many cryptocurrency management platforms, and PayPal put its hat in the ring as well. Unlike apps made for the explicit purpose of handling crypto, PayPal was an established platform with roughly 350 million users.

Welltok's MOVEit Breach Returns; Data Stolen from 17 West Virginia Hospitals

The West Virginia University Health System (WVUHS) contains multiple institution locations, hospitals, and clinics. Welltok is a communications platform that allows patients and physicians to speak while encouraging healthy lifestyles. Like thousands of other medical providers, Welltok utilizes a third-party vendor to manage and maintain patient information; this vendor is Progress Software’s MOVEit.

Weekly Cybersecurity Recap December 15

This week, cybercriminals again targeted US medical records and patient identities. The attacks started with a 2.5 million record breach from Kentucky’s Norton Healthcare circuit, including data from pediatric patients. On the other side of the country, cybercriminals also targeted Oregon’s Neuro Center of the Cascades; the attack spilled over 20k records into the hands of criminals.

Cybercriminals Target the Heart of Arizona; 484k Records Stolen from Cardiovascular Group

In the Valley of the Sun, Cardiovascular Consultants Ltd. (CVC) provides clinical, surgical, and consultation services; the Phoenix-based cardio group serves 11 of the region’s hospitals—offering a range of assistance for patients and physicians. In September, cybercriminals attacked CVC. The event may have exposed the information of thousands.

Assailants Attack Illinois Medical Center; 147k Patient Records Stolen

Southern Illinois Healthcare oversees the operations of Harrisburg Medical Center (HMC), a not-for-profit community hospital with over 70 beds and 140 physicians. They are partnered with other clinics in the area, providing a comprehensive healthcare network for residents in the region. HMC suffered a network data breach nearly a year ago.

Oregon Healthcare Provider Suffers Employee Email Data Breach

In Oregon, the Neuromusculoskeletal Center of the Cascades and Cascade Surgicenter collectively are “The Center.” The professionals that work there are highly trained doctors from many fields, including physiatry, occupational medicine, neurosurgical, and orthopedic care. The Center serves central Oregon at three stand-alone clinics and rural treatment at six shared clinics.

Anheuser-Busch Distributor, Ben E. Keith, Network Breach Update

Ben E. Keith Company (BEK) is a food and drink distributor that serves over 62 Texas counties and 15 states. They are a service provider for Anheuser-Busch products, providing everything from craft and import drinks to steaks and sugar. In October, BEK announced a possible data breach of their network information, but further details required an investigation. Their investigations have presumably ended, as a notice for the event has recently appeared on the Texas Attorney General’s website.

Ransomware Hits Kentucky Healthcare Network, Exposing Data of 2.5 Million

Norton Healthcare consists of over 430 locations between Kentucky and Indiana. The clinics meet over two million a year, including adult and pediatric patients. The hospital offers one of the largest not-for-profit healthcare systems in the region and employs over 25,000 faculty members. Norton Healthcare is a community powerhouse in the region; this makes their announcement of a data breach all the more disturbing.

Weekly Cybersecurity Recap December 8

This week’s data breaches contained significant impact figures from around the world. Malware on a vendor’s computer inadvertently breached Japan’s Line Messenger. New York’s East River Medical Imaging suffered the loss of employee and patient record information. The Pan-American Life Insurance Group faces a 105k record data breach through MOVEit.

Experts Urge Complete Cybersecurity Defense - 2.6 Billion Records Exposed by Cyberattacks in 2 Years

Cybersecurity breaches are at epidemic proportions; in the last two years, cybercriminals have stolen over 2.6 billion consumer records from thousands of organizations. The breaches target more than individuals—they target data from healthcare networks, academic institutions, small businesses, and governments. The attacks come at a destructive cost: criminals use personal information for extortion, and the trust of the public is ever-decreasing.

Health Organization Records Stolen via Welltok's MOVEit - 930k+ Including Minors

The number of victims caused by the global MOVEit data breach continues to climb; Welltok has announced more exposures, this time from three more health organizations. Welltok is an online provider of lifestyle health services and allows health professionals to communicate quickly with their patients. This most recent announcement involves Elixir RX Solutions from Ohio, OrthoNebraska from Nebraska, and OSF HealthCare System from Illinois.

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

The Pan-American Life Insurance Group (PALIG) provides various insurance plans across the states and beyond. PALIG employs more than 2,100 staff and has a 110-year history of providing insurance to those needing it. Companies and individuals turn to PALIG in their time of need, and PALIG returns the favor by providing high-quality insurance options.

New York Healthcare Provider Notified 600k Following Network Cyberattack

East River Medical Imaging (ERMI) has three locations in New York City and Westchester County. ERMI is a “multi-modality radiology center,” including patient-centered solutions like MRIs, CTs, ultrasounds, imaging, radiology, fluoroscopy, and x-rays. They have served New York since 1970 and have a long history of high-quality patient care. At the end of August, an unauthorized actor accessed their network—exposing sensitive information from employees and patients.

Japan's Line Messenger Embattled; 440,000 at Risk for Exposure

Line Messenger is a communication app that allows users to communicate for free by sending messages and making voice calls. Japan’s mega-corporation, LY Corp., owns them; LY offers a variety of lifestyle solutions, including shopping, business, gaming, and financial tech apps. LY purportedly discovered a breach at the beginning of October—although investigations are ongoing, the event may have exposed thousands.

Weekly Cybersecurity Recap December 1

This week, cybercriminals targeted health lifestyle members, patients, gamblers, and general consumers. Early on, Welltok returned to the news, this time with data from over 426k members stolen by assailants; the organizations impacted by the breach were Premier Health and Graphic Packaging International. In North Carolina, cybercriminals targeted a healthcare clinic. The assailants stole more than 60k patient records from Robeson Health Care.

Family Dollar & Dollar Tree Bleed Consumer Data Following Cyberattack

In 2015, Family Dollar acquired its biggest competitor, Dollar Tree. Family Dollar is one-half of a consumer’s dream; they offer low-priced goods for families in 8,200 locations nationwide. The other half of the business offers even lower deals. Dollar Tree provides options for $1 purchases at 15,000 locations throughout the states. Now, branches are sporting both companies’ colors, wares, and deals.