Cyber Security News Roundup – 30th May 2023

It's a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.

Arms maker Rheinmetall confirms BlackBasta ransomware attack

23/5

German automotive and arms manufacturer Rheinmetall AG, with over 25,000 employees and $7 billion in annual revenue, has confirmed that a BlackBasta ransomware attack has caused disruption to its civilian business. BlackBasta first posted Rheinmetall on its extortion site on the 20^th of May, publishing data samples that include non-disclosure agreements, technical schematics, passport scans, and purchase orders. A company spokesperson stated that the attack was detected on the 14^th of April, and that due to Rheinmetall’s “strictly separated” IT infrastructure only the civilian side of the business has been affected. Rheinmetall also confirmed that it has informed the relevant law enforcement authorities and filed a criminal complaint with the Cologne public prosecutor's office. (Bleeping Computer)

Dutch watchdog looking into alleged Tesla data breach

26/5

On Friday the Dutch data protection watchdog stated that it was aware of possible Tesla data protection breaches, but added that it was too early for further comment. This comes after reports on Thursday in German newspaper Handelsblatt that Tesla allegedly failed to adequately protect data from customers, employees and business partners, with 100 gigabytes of confidential data leaked by a whistleblower cited and customer data sets reportedly found in abundance. Leaked files include tables that contain the sensitive data of more than 100,000 former and current employees, including the social security number of Chief Executive Officer Elon Musk. Handelsblatt are reporting that the breach violates GDPR, which if proven could result in a fine of up to €3.26 billion. (Reuters)

Industrial giant ABB disclosed data breach after ransomware attack

28/5

Another BlackBasta ransomware incident occurred last week, this time impacting Swiss electrification and automation technology provider ABB. ABB are a multinational industrial giant, with over 105,000 staff and $29.4 billion in annual revenue. In a press release, ABB confirmed the attack, stating that threat actors had gained unauthorised access to certain ABB systems, deployed ransomware, and exfiltrated certain data. ABB’s investigation is ongoing, with the company now working with external cybersecurity experts to determine the extent of the incident, however their operations have now fully recovered with all factories operating. (Security Affairs)

Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals

29/5

Managed Care of North America, one of the largest dental care and oral health insurance providers in the US, has suffered a data breach that has impacted a total of 8,923,662 patients, revealing an assortment of their personal information to threat actors. MCNA first noticed the unauthorised network access on the 6^th of March, determining that the third party was able to infect certain systems with malicious code and remove copies of personal information between the 26^th of February and the 7^th of March. Infamous ransomware operation LockBit have claimed responsibility for the cyber attack, demanding a ransom of $10 million and adding MCNA onto their extortion site alongside a sample of the stolen data. On the 7^th of April, LockBit published the full stolen data set. (Security Affairs)

Capita hack: 90 organisations report data breaches to watchdog

29/5

The recent data breach at outsourcing giant Capita continues to cause problems, with 90 organisations now reporting breaches of personal data held by Capita to the Information Commissioner’s Office. The March cyber attack revealed that Capita had left a pool of data unsecured online, resulting in hundreds of thousands of individuals being warned that they could have been affected. Capita is contracted by both private and public organisations, with their clients including pension schemes and local councils, handling the data of millions of people. Despite Capita initially telling journalists that personal data hadn’t been put at risk, multiple local councils are now stating the opposite, with security researchers confident that the incident was caused by a ransomware attack and has actually compromised a significant range of data. Capita state that they have taken the steps to secure their data, and that the unsecured data left online is no longer accessible. (BBC News)

Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!