WEEK OF MAY 16, 2022
EU agrees new cybersecurity legislation for critical services organizations
- The European Union (EU) has reached political agreement on new legislation that will impose common cybersecurity standards on critical industry organizations.
- The new directive will replace the EU’s existing rules on the security of network and information systems (NIS Directive), which requires updating because “of the increasing degree of digitalization and interconnectedness of our society and the rising number of cyber malicious activities at the global level.”
- The NIS 2 Directive will cover medium and large organizations operating in critical sectors. These include providers of public electronic communications services, digital services, wastewater and waste management, manufacturing of critical products, postal and courier services, healthcare and public administration.
- It couldn’t be learned from the report how many Americans’ data was examined by the FBI under the program, though officials said it was also almost certainly a much smaller number.
NH medical device company faces data security incident, 81k impacted
- New Hampshire-based medical device company NuLife Med suffered a data security incident in March that impacted 81,244 individuals.
- According to a notice on its website, NuLife Med discovered the incident on March 11 and later determined that an unauthorized actor had potentially viewed or acquired information between March 9 and March 11.
- As of May 9, NuLife had found no evidence of identity theft or fraud resulting from the event, and it could not “say with certainty the exact files that were potentially accessed or acquired by the unauthorized third-party, other than a limited number.”
- The impacted information potentially included names, medical information, health insurance information, addresses, some Social Security numbers, financial account information, and driver’s license information.
Engineering firm Parker discloses data breach after ransomware attack
- The Parker-Hannifin Corporation announced a data breach exposing employees’ personal information after the Conti ransomware gang began publishing allegedly stolen data last month.
- Parker-Hannifin says a security incident occurred between March 11 and March 14, 2022, and that it involved a third party who gained unauthorized access to Parker’s computer systems.
- The subsequent investigation determined that threat actors had exfiltrated specific files from the firm’s computers, so Parker immediately informed the law enforcement authorities of the data breach.
Sensitive personal data among thousands of files exposed in Elgin cybersecurity incident: Gonyou
- County officials first confirmed that a “cyber security incident” had occurred in a memo that was circulated to staff on March 31 and obtained by the London Free Press.
- Officials in the county south of London, Ont., have kept mum about the incident over the last several weeks, but now say that roughly 26,000 files and the information of about 300 people were compromised after an “unauthorized third party” gained access to its network.
- Highly sensitive data pertaining to 33 people, including social insurance numbers, health card numbers and financial information, was also among the data posted, said Julie Gonyou, Elgin’s CAO, in an interview with Global News.
- “We are providing 12 months of credit monitoring and identity theft protection to those 33 individuals whose sensitive information was compromised,” Gonyou said on Monday.
Ukrainian imprisoned for selling access to thousands of PCs
- Ivanov-Tolpintsev claimed to some of his co-conspirators that he could crack credentials for over 2,000 systems each week in brute-force attacks using a botnet under his control.
- “During the course of the conspiracy, Ivanov-Tolpintsev boasted that his botnet was capable of decrypting the login credentials of at least 2,000 computers every week,” the Department of Justice revealed today.
- “From 2017 through 2019, Ivanov-Tolpintsev listed for sale thousands of login credentials of servers on the Marketplace, including more than 100 in the Middle District of Florida.”
- The stolen credentials sold on the dark web can be used by threat actors in a wide range of attacks (e.g., data theft, ransomware attacks) or to proxy their activity and cover the trails of other attacks.
Oklahoma City Indian Clinic data breach affects 40,000 individuals
- According to a notice posted on the clinic’s website, on May 12, the clinic identified a data security incident that affected its computer system.
- To investigate the incident, OKCIC enlisted the help of a third-party forensic firm. The subsequent investigation confirmed that an unauthorized party accessed – and possibly retained – sensitive customer information.
- OKCIC revealed that compromised files included names, dates of birth, treatment information, prescription information, medical records, physician information, health insurance policy numbers, phone numbers, Tribal ID numbers, Social Security numbers and driver’s license numbers of customers.
- As many as 38,239 individuals are reportedly impacted by the breach. OKCIC issued data breach letters to affected customers.