This Cyber Weekly includes:
Thanks to all 2674 subscribers! If you like receiving the cyber news every week, be sure to show your support by sharing this post. It helps a lot!
Publishing giant Macmillan took action when hit with a cyberattack. They immediately went offline to prevent further spread of the attack. It seems like they were the victim of a double extortion where their files were stolen and then encrypted. At this time, the ransomware group is unknown. The amazing part about this story is how Macmillan reacted. They immediately warned all stakeholders. They tweeted about it and they sent a quote to the news outlets about the situation.
If you’re curious, this is the note Macmillan sent to Bleeping Computer:
"Macmillan recently experienced a security incident, which involves the encryption of certain files on our network. As a precautionary measure, we immediately took systems offline to prevent further impact to our network. We are working diligently with specialists to investigate the source of this issue, understand its impact on our systems, and to restore full functionality to our networks as soon as possible.
Customers and other third-party partners may notice that certain systems are unavailable while these efforts are underway. Please know that the Macmillan team is working around the clock on this restoration and installation of additional network safeguards.
We are bringing certain systems back online, including those that we took offline as a precautionary measure. We have made good progress getting our teams access to key systems. Our UK warehouse resumed operations on June 28. For the US, we are accepting orders electronically, but are unable to process them at this time. We will continue to communicate updates as they come." - Macmillan. (BleepingComputer)
My thoughts: It’s not ideal to get attacked and for your stakeholders to be affected – especially clients. Unfortunately, Macmillan got hit. But instead of keeping it a secret or only giving half-truths, they openly updated everyone. They made sure everyone knew what was happening. From a public relations standpoint – to maintain reputation and trust – this is one company that did it best. According to GDPR, the UK publishing giant was required to update stakeholders about the issue. However, I think Tweeting about it and sending a message to News outlets is one step further they didn’t have to go. And I think it will help them in the long-run. On the other hand, the UK is even more advanced in cyber security than North America, so it begs the questions as to why this happened in the first place.
California DOJ launched their new Firearms Dashboard that revealed the information of firearms owned in the state. The dashboard was taken down within 24 hours. However, it exposed personal information of anyone who was granted or denied a concealed and carry weapons permit between 2011-2021. The personal information exposed included names, date of birth, gender, race, driver’s license number, addresses, and criminal history. At this time, they are not sure if the information was stolen. (TheRecord)
My thoughts: In Quebec, the new data privacy law will require processes/projects to ensure privacy by design and privacy by default. Here is a snippet of what that means: “Privacy by design means that privacy is embedded into every process. It will be required to integrate, by default, privacy settings to the highest degree. Privacy will also need to be considered from the very beginning of all your projects that involve personal data. It gives the users a guarantee that their personal information is automatically protected.” Although it might not be required everywhere in North America, I think it’s a good best practice for every business moving forward.
In 2019, Carnival cruise was hacked. Over 180,000 employee and customer information were leaked. They were sued by 46 attorney generals across the country. To make matters worse, they only told the public 10 months after they discovered the breach. This led to many people being affected.
“This settlement sends the message that companies need to take stock of what information they maintain and take reasonable steps to protect that information,” Connecticut Attorney General William Tong said. “Storing large amounts of information in unmanageable formats, such as email, does not excuse delays in notifying state attorneys general or impacted individuals about a breach.” (TheRecord)
My thoughts: Withholding information from the public is the worst thing you can do. It’s probably why employees and customers went after them at all. Had they known about their information being compromised, they could have taken proper measures to stay safe. This is a situation that was made worse for no reason.
An elderly woman withdrew $30,000 from her bank account and headed toward a Bitcoin ATM. Scammers hacked her computer and told her the only way to gain access to her files was to pay the ransom fee. They pretended to be Microsoft employees. Luckily, a store clerk noticed what was happening and called the police. She didn’t lose any money after all. (Metrowestdailynews)
“This is the second time (that we know of) we’ve investigated a large dollar scam at this Bitcoin machine, the first victim was not as fortunate, but we still are hopeful that our investigation will allow us to return nearly $50,000," police said in a statement.
My thoughts: I want to spread awareness of this scam. We must warn our parents of these scams and educate them that if they are having any problems to reach out to us and not a stranger on the phone. We will provide a number if need be. Please share this story with the elderly.
Assurance IT is launching a new Veeam promo. When you renew your Veeam Support Contract with us, you get 1TB of Cloud Connect Backup for free, for making the switch. The promo is going to launch in the near future.
If you want to learn more about the 3-2-1 Backup Rule and how many companies use it to protect their data, here is an article that highlights its importance.
I'll keep you posted on when we launch the promo. Reach out if you have any questions.
Access monthly conversations with IT & Tech Leaders about the hottest cyber security topics in the industry.