At a glance.
- Dole attack compromised employee data.
- New Zealand DIA CEO calls for Kiwis to protect their data.
- Surviving the aCropalypse.
Making it even harder to eat your fruits and vegetables.
Dole Food Company, global purveyor of fresh produce, suffered a ransomware attack in February, and the company has now confirmed that the intruders accessed employee data. In the annual report filed with the U.S. Securities and Exchange Commission (SEC) on Wednesday, Dole stated, "In February of 2023, we were the victim of a sophisticated ransomware attack involving unauthorized access to employee information." Bleeping Computer recounts that Dole initially disclosed the ransomware attack on February 22 after customers complained of shortages of Dole products in stores. Although Dole says the attack had little impact on company operations, the company was compelled to shut down production plants across North America for a short period and launch a crisis management protocol to get products back on the shelves. "All our businesses are implementing our Crisis Management Protocol to resume 'business as usual' post haste, inclusive of our Manual Backup Program if needed. Please bear with us as we navigate our way and hopefully we will minimize this event," Dole said in a letter to retailers. It’s unclear how many employees’ data were compromised in the attack.
According to Avishai Avivi, CISO at SafeBreach, draws two lessons from the incident. “There are two interesting aspects to the Dole breach and subsequent action. First, although little information is provided about the actual breach, based on Dole's action to shut down its system across North America, we can deduce that the breach had a lateral movement aspect. This action would indicate either poor segmentation of Dole's networks, or the attack hit a core service shared throughout the North American systems. Considering Dole's organized response, I would lean toward the latter," Avivi said. "Next, we should consider Dole's response. Organizations must proactively prepare for when, not if, they are targeted by ransomware. Companies like Dole that create a formal recovery and remediation plan and test this plan are much more likely to recover from a ransomware attack without significant business impact.”
New Zealand DIA CEO calls for Kiwis to protect their data.
New Zealand’s Department of Internal Affairs (DIA) is warning residents of an increase in data breaches exposing personal data, Newshub reports. Consumer finance services company Latitude Financial last week disclosed a cyberattack had compromised the data of approximately 330,000 customers in New Zealand and Australia, including driver's license and passport info. DIA deputy CEO Maria Robertson stated, "There's a pattern here of organisations where New Zealanders' data is being compromised and that is a great concern to us and should be a concern to everyone.” Noting that Cisco's Cybersecurity Readiness Index reported that about 86% of New Zealand organizations were not properly prepared to respond to cyberattacks, Robertson urged New Zealanders to better protect themselves from hackers looking to steal their information. "I think New Zealanders, generally, are oversharing their data and giving copies of things to individuals or companies that they really probably need to question,” Robertson added. She also recommended individuals transition to digital forms of identification like Real Me instead of sharing copies of their data, which are more likely to end up in the wrong hands.
Surviving the aCropalypse.
As we discussed yesterday, a bug has been discovered in the Markup image editing tool on Google’s Pixel phones that could allow a hacker to access image data that users have edited out of their pictures. Naked Security reports that the now-patched flaw has been given the punny name of aCropalypse, and that it has been found to impact users of Windows 11’s Snipping Tool. The issue is that when an image is edited, instead of it being fully replaced by a new, truncated image, the cropped file is merely partially overwritten, allowing the possibility for hackers to recreate the deleted portion of the picture. To avoid the loophole, it’s recommended that Windows 11 users save “snipped” files under a new filename, and that programmers review their code to ensure that original files are actually being truncated when they are opened.