U.S. supermarket chain says pharmacy records hacked, a slip-up at a Winnipeg school board and the impact of ransomware
Welcome to Cyber Security Today. It’s Monday, February 22nd. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:
 |
 |
 |
Earlier this month I told you about a successful theft of data from the Washington State auditor’s office through a bug in a file transferring application called Accellion FTA. Since then there have more reports of data thefts allegedly exploiting problems with that software. The latest comes from the American Kroger supermarket chain. On Friday, Kroger acknowledged Accellion had told it crooks have copied pharmacy records of some customers as well as some records of current and former employees through an Accellion application. The incident happened last month. Kroger owns a number of stores under its own brand and others. No credit card numbers were copied. However, according to a news report, the information stolen from pharmacies may have included people’s names, email addresses, phone numbers, home addresses, dates of birth, Social Security numbers and medication.
One of the biggest venture capital firms in the world is telling investors that some of their personal and financial information has been hacked. The victim is Sequoia Capital, according to the Axios news service. It says Sequoia issued a statement that it had experienced a cybersecurity incident.
Here’s another one of those ‘oopsy’ moments: Students at the Winnipeg Adult Education Centre were supposed to get a personal email link to their report cards last week. Each link was supposed to only go to one individual’s information. Instead the link showed the report cards for all 400 students. According to the CBC, the Winnipeg School Board said the link was active for less than an hour and only 40 students clicked on it before it was taken down. The school board has apologized. It’s another example of a configuration error.
For leaders of organizations that don’t understand the impact of a ransomware attack, consider this summary presented last week by a North Carolina county that was hit in October and refused to pay up: After losing use of its internet access, office phones and voicemail, the county decided to rebuild its network infrastructure. That meant completely wiping and re-imaging servers and more than 550 computers of employees. That would make sure any infection was removed. Some software needed to be upgraded or changed as well. The re-imaging and software changes took three months.
It helped those nearby municipalities and the county emergency management service loaned the county laptops. Having cyber insurance helped with costs, but four months after the attack the county is still restoring some business systems, network connections and phones. The cause of the attack: Someone clicked on an email attachment with a poisoned document. The report is an update because this month the ransomware gang has started releasing data it copied.
By the way, for those who think it’s cheaper to pay the ransom, don’t forget that victim organizations that do will likely still have to rebuild their IT network to make sure there are no backdoors and the attackers can’t come after you again.
More on ransomware: One of the latest victims is Underwriter Laboratories, the service that certifies the safety of electrical designs of products in the United States, Canada and other countries. The Bleeping Computer news service says UL told it the incident happened February 13th. It hasn’t yet determined what information may have been impacted.
Finally, if you’re using the Brave browser and go to dark web sites with .onion domains get the latest update. The feature called “Private Window with Tor” wasn’t protecting your search history as well as it could.
That’s it for today. Links to details about these stories are in the text version of this podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at cybersecurity professionals.
Subscribe to Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.