At a glance.
- French COVID-19 test data breached.
- Ransomware at customer support provider TTEC.
- The cost to HSE of the ransomware attack it sustained.
French COVID-19 testing data stolen.
SecurityWeek reports that hackers attacked the Paris public hospital system, or AP-HP, and nabbed the personal data of approximately 1.4 million COVID-19 test recipients. The incident compromised patient contact information, social security numbers, and test results, as well as contact details for the health workers who administered the tests. RFI adds that the system targeted was a file sharing service that was used for only a brief time to transmit information to the national Covid contact-tracing system, SI-DEP, which was experiencing technical issues at the time, and as a result only testing data from mid-2020 were compromised. The French National Agency for the Security of Information Systems and France's data watchdog, the CNIL, have been notified, and the latter has launched an investigation. It’s worth noting that this is the second incident impacting French COVID-19 data in recent weeks, as earlier this month the breach of a pharmacist platform linked with SI-DEP led to the exposure of the test results and personal data of 700,000 individuals.
TTEC ransomware attack puts employees on hold.
Colorado-based customer service megacorp TTEC has experienced a ransomware attack likely carried out by the Ragnar Locker threat group, notorious for targeting big companies with big pockets. According to KrebsOnSecurity, TTEC sent employees a message warning them not to open a suspicious file bearing the not so subtle name “!RA!G!N!A!R!” that might have mysteriously appeared in their Windows start menu, explaining “It’s a nuisance message file and we’re working on removing it from our systems.” As the attack has forced hundreds of employees to pause work, and TTEC’s clients include household names like Bank of America, Best Buy, Kaiser Permanente, and Verizon, the incident could have far-reaching repercussions. “As far as I know, all low-level employees have another day off today,” said an anonymous source. A statement from TTEC explained, “Although as a result of the incident, some of our data was encrypted and business activities at several facilities have been temporarily disrupted, the company continuous [sic] to serve its global clients.” The ongoing investigation has not yielded evidence that client data were impacted.
James McQuiggan, security awareness advocate at KnowBe4, commented on the ways in which third-party risks to privacy and security propagate through the supply chain:
“When organizations are attacked with a large customer base that relies on a service or product, it hinders the business and creates a trickle-down impact on all of their customers. Ransomware attacks have been known to hinder the business and steal intellectual property, client information and employee information. The cyber criminals then use this information to extort the employees or customers for additional money or be in fear of their data being released publicly. Organizations want to make sure they have a robust security awareness program with communication paths for employees to report suspicious incidents and a team to resolve them quickly.”
HSE ransomware attack expenses pile up.
Weeks after the massive ransomware attack that shook up the Irish healthcare system, Paul Reid, chief executive of Ireland’s Health Service Executive, spoke to the Oireachtas Public Accounts Committee regarding the progress of the investigation and recovery process, RTE.ie reports. Reid told Irish legislators the attack could cost the health agency up to €100 million, explaining that 30,000 devices had to be replaced costing approximately €30m, and that vendor support and monitoring racked up another €20m in recurring expenses. He added that over five hundred patient records and a "whole range of corporate documentation" had been recovered, but there is still uncertainty surrounding exactly what data were compromised.