Cyber Security News Roundup – 22nd May 2023

It's a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.

Ransomware gang steals data of 5.8 million PharMerica patients

15/5

American pharmacy services provider PharMerica, who serve 3,100 medical facilities nationwide, have disclosed a serious data breach that has exposed the personal data of over 5.8 million patients to cyber criminals. The incident was first discovered on the 14th of March, with an investigation concluding on the 21st of the same month that customer information had been stolen – the stolen information included full names, addresses, dates of birth, social security numbers, medications, and health insurance information. Notices were only first sent to affected individuals on the 12th of May, alongside one year of identity protection fraud monitoring services. While PharMerica declined to comment on the nature of the breach, the Money Message ransomware operation has claimed the attack, publishing what they claim to be 4.7Tb of stolen data on their extortion site after the ransom timer expired. An unknown threat actor has already posted the entire leak on a clearnet hacking forum. (Bleeping Computer)

ScanSource says ransomware attack behind multi-day outages

17/5

Scansource, a US based technology provider with locations in Canada, Brazil, and the UK, have confirmed that a recent multi-day outage of some of its systems, business operations, and customer portals was the result of a ransomware attack. It is not yet known who was behind the attack, however the company quickly implemented its incident response plan, alerting law enforcement and hiring forensic and cybersecurity professionals to assist with ongoing investigations and help implement strategies to mitigate the risk of further incidents. Customers were left unable to access ScanSource customer portals and websites, and the company has warned that delays in the provision of services to customers are expected to affect their operations in North America and Brazil. (Bleeping Computer)

IT teams are being told to keep data breaches quiet

18/5

Despite the major fines, legal consequences, and damaged brand image that results from hiding a data breach, new research has claimed that many businesses still do it. In fact, 42% of IT leaders worldwide were told to keep cybersecurity incidents to themselves – alarming when you consider the fact that more than half of surveyed businesses said they had experienced at least one data breach in the last 12 months. According to the research, US based businesses were the worst for keeping cyber incidents secret. 70% of IT leaders in the country were told to keep cyber incidents quiet, while 55% kept data thefts a secret despite knowing that this is wrong. (Tech Radar)

Capita’s data breach fallout widens as local councils launch probes

18/5

Five local UK councils have joined Colchester Council in confirming that their files have been put at risk in unsecured cloud-based storage, as the fallout from the recent Capita data breach grows. On Wednesday, Colchester announced that they had suffered a “serious data breach” in which residents benefits details were left exposed on an unsecured Amazon Data Bucket controlled by Capita. Coventry, Adur and Worthing in West Sussex, Rochford District and South Staffordshire also stated that their data had been exposed, with Coventry saying that they were “belatedly informed” of a “historic data breach”. Capita, one of the UK’s largest IT and data outsourcers, suffered the cyber attack in March, followed by warnings that the personal data of about half a million members may have been stolen. Several councils have now reported the incident to the Information Commissioners Office, with analysts warning that Capita will lose contracts from its data breaches. (Financial Times)

Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!