Ninety seven million records breached in August 2022

September 4, 2022 |

The repetition of tens of millions of records being breached each month can have a numbing effect and can lead the reader to become either blasé or resigned (they are different) to each instalment.  It can lead to the wrong attitude that data breaches are inevitable.  That old saw is relied on by organisations which don’t like regulation or being made to pay more attention to data security.

IT Governance has compiled its list of data breaches for August and calculated that 97,456,345 records were breached in 112 publicly disclosed incidents. The reference to public disclosure is important.  There is significant under-reporting.  Later disclosures by affected organisations, and breaches being discovered by third parties (including hackers), provide ample evidence that some organisations try to avoid disclosing breaches when they think they can get away with it. Further, in many cases, even where the data breach itself can be established, organisations are reluctant to provide information on how many records have been accessed.  That makes arriving at a complete figure a difficult proposition.

For August some of the data breaches:

Since then Samsung has put out a notice, on 2 September 2022, advising that it had suffered a data breach in July, discovered on 4 August 2022. Hackers known as DESORDEN have hit the Boga Group, which operates 200 restaurants in Indonesia and Malaysia, resulting in 400,000 customer records and 26,000 employee records being compromised. And in Tulsa, Oklahoma, Tulsa Tech lost in a cyber attack the personal information of students who attended there between 1986 and 1999.  That data included social security numbers. Why Tulsa Tech thought it sensible to keep records of students who attended between 36 and 23 years ago is a mystery.  If those records were a matter of historical interest they should have been stored offline, even if kept in digital form.  Why they were not encrypted is also an interesting point. And in Paris, police are negotiating with hackers who paralysed a Paris region hospital and initially wanted a 10 million euro ransom.  The story provides:

An elite French police unit is reportedly negotiating with hackers demanding a seven-figure ransom after paralysing the computer system of a Paris region hospital.

Le Parisien newspaper said the Groupe d’Intervention de la Gendarmerie Nationale (GIGN), the French military police unit that specialises in terrorism, hostage-taking and other such crimes, was involved in round-the-clock talks with the hackers on encrypted platforms.

The daily said police had managed to negotiate the ransom demand down from an initial €10 million to €1 million.

In such cases, hackers generally demand payment of a ransom to decrypt or unlock the computers they have targeted.

Officially, the police officers are buying time while cybersecurity experts seek to combat the ransomware introduced into the hospital’s computer system. The French authorities say they will not pay any ransom at all. However, the country has a long history of paying to free French hostages while insisting that it would never do any such thing.

The 1,000-bed South Francilien Hospital Centre (CHSF) in Corbeil-Essonnes was hit last week when hackers introduced malicious software into its digital systems, preventing staff from accessing content on computers.

Doctors have had to write prescriptions by hand while hospital managers, who say the attack has already cost €2.1 million, have been scrambling to find ways of transmitting the results of blood tests, scans and other medical examinations between departments. The hospital has had to reduce its activity, with some patients being moved to other establishments and only about half of its beds now occupied.

The accident and emergency department has been diverting ambulances elsewhere to cut the number of arrivals by about 50 per cent.

Specialist French journalists have speculated that the hospital was attacked by Lockbit 3.0, a ransomware linked to a group of hackers thought to be based in Russia. French officials have refused to confirm this.

The GIGN has been called in to deal with up to 20 ransomware attacks in France over the past two years. Its 24 national negotiators have all undergone training in how to handle talks with hackers. The unit also has 350 negotiators in the French provinces, who are also due to be given ransomware negotiation courses.

Hospitals around the world, including in the UK, appear particularly vulnerable to this type of attack. Last month an NHS software supplier was hit by ransomware, disrupting the 111 telephone advice service, GP surgeries and some specialist mental health trusts.

French authorities registered an average of one attack a week on the country’s medical establishments last year.

The rate had fallen this year, with officials claiming that they had improved safeguards after the implementation of a €25 million cybersecurity plan for hospitals and clinics.
