Nissan is investigating a cyberattack on its systems in Australia and New Zealand, with potential access to personal information. The Nissan Oceania division, covering distribution, marketing, sales, and services, issued a warning to customers about a data breach, cautioning them about possible scams. The company deployed its global incident response team to assess the impact and determine if any personal information was compromised. While website functionality seems unaffected, Nissan urges customer vigilance, stating that affected systems are being restored. (bleepingcomputer.com)
This is a big deal... Is a warning enough?
My Thoughts: The vague term 'cyber incident' raises concerns about the efficacy of existing security measures. While Nissan's quick response with a global incident response team is notable, the recurrence of such breaches underscores systemic issues. The focus on customer vigilance is necessary, even though Nissan has not provided further details about what in fact happened. We hope to hear more from Nissan as things unfold. Clients must now expect a level of risk when working with any vendor or supplier, given the number of companies that repeatedly find themselves in these situations. Why?
To break this cycle, the industry must address root causes, fostering a more proactive and resilient cybersecurity posture to prevent future breaches.
Genetic testing company 23andMe revealed a data breach affecting 6.9 million individuals, contrary to its initial announcement of 0.1% (14,000) of customers. Hackers accessed personal data of about 5.5 million users who opted for the DNA Relatives feature, including names, birth years, relationship labels, DNA shared percentages, ancestry reports, and self-reported locations. Another 1.4 million users had their Family Tree profile information accessed. The breach, disclosed in October, originated from password reuse, enabling hackers to brute-force accounts. The incident exposed half of 23andMe's reported 14 million customers. (techcrunch.com)
My thoughts: The 23andMe data breach highlights the severe consequences of password reuse and the cascading impact on genetic testing privacy. Hackers exploiting DNA Relatives features showcase the interconnected risks, magnifying the breach's scale. To mitigate such risks, biotech companies must implement stronger authentication methods, encourage unique passwords, and invest in continuous monitoring to detect abnormal account activities promptly.
Transparent communication about breach details is essential to rebuild user trust.
Tri-City Medical Center, previously hit by a ransomware attack, faces ongoing extortion threats as cybercriminal group "INC RANSOM" claims possession of stolen records on the dark web. The breach occurred on Nov. 9, impacting operations, and though the hospital resumed services on Nov. 27, the attackers continue to pressure the organization. The posted records include sensitive patient data, with the hackers employing the information for leverage. Cybersecurity experts warn of potential health care billing fraud and advise affected individuals to monitor financial accounts, medical records, and consider freezing credit, emphasizing the importance of digital hygiene practices. (sandiegouniontribune.com)
Until the healthcare sector understands that something major needs to be done, they will keep getting breached. Over and over again.
What should they do:
My thoughts: The ongoing threats to Tri-City Medical Center underscore that enterprises are still not getting the message. It’s not a matter of if, but when. It's time they invest in advanced threat detection, implement multifactor authentication, and ensure continuous software updates. Proactive measures like staff training are paramount and provide the “biggest bang for the buck.” At the risk of repetition, companies need to adopt a zero-trust framework, and strong password practices are crucial.
Nova Scotia's information and privacy commissioner, Tricia Ralph, is investigating the theft of personal information from a file-transfer system called MoveIt, used by the provincial government. The cybersecurity breach, confirmed in June 2023, involved a third-party system used by various public bodies, including government departments and Nova Scotia Health. Ralph's investigation will assess the government's security and information practices, along with its response to the breach. As many as 100,000 people may have had their personal data stolen, leading to 110 complaints. The government has been cooperating with the investigation, and the Minister of Service Nova Scotia, Colton LeBlanc, welcomed the inquiry, stating that lessons in data management are being sought. The MoveIt software was created by Ipswitch, a Massachusetts-based company, and Ipswitch's parent company, Progress Software, confirmed that it was vulnerable to unauthorized access. No timeline for the investigation report was provided. (canadianunderwriter.ca)
Robust third-party system security assessments are not an option. They should be REQUIRED.
My Thoughts: Examining the Nova Scotia government's cybersecurity breach involving the MoveIt file-transfer system reveals a critical lapse in third-party risk management. The vulnerability exploited highlights the importance of penetration testing, continuous monitoring, and secure coding practices to mitigate the risk of unauthorized access. There is a pressing need for a comprehensive incident response plan, including threat intelligence integration and user awareness training. This will enhance the overall cyber resilience of government systems. So many players are now involved in what are sometimes very menial transactions and supply chains. A thorough review of the supply chain security framework is crucial, emphasizing secure software development practices and regular audits. They need to ensure the integrity of third-party solutions and prevent future data exfiltration incidents.