InfoSecBulletin Cybersecurity for mankind
A data breach here, a data breach there, data breaches everywhere. Today, we report to you a collection of data breaches across multiple sectors. The first breach involves a cloud-based education platform, which impacted millions. We also have a new Black Basta ransomware attack on a Swiss MNC. Circling back to data breaches, a Singapore broadband service provider suffered one that affected 50% of its customers. Here are the top 10 highlights from the last 24 hours.
01
U.S. tech company and Siemens subsidiary Brightly Software suffered a data breach that has affected over 2.9 million users of its SchoolDude online platform.
02
Swiss automation technology provider ABB experienced a Black Basta ransomware attack, disrupting operations and delaying projects. VPN connections with customers were terminated to prevent the ransomware from spreading.
03
Texas-based ASAS Health notified 25,527 individuals of a data breach that impacted their SSNs, disability codes, Medicare ID numbers, financial information, diagnoses, and driver’s license numbers, among others.
04
The HC3 warned the healthcare sector about a rise in cyberattacks against Veeam Backup & Replication software due to a high-severity vulnerability that enables unauthorized access to backup infrastructure hosts.
05
The Bl00dy ransomware gang is exploiting a critical security flaw, tracked as CVE-2023-27350, in PaperCut servers to target education facilities in the U.S. – warned a joint advisory by the CISA and the FBI.
06
The Huron-Superior Catholic District School Board in Ontario suffered a cyberattack that compromised the personal information—Ontario Education Number, Student Performance Information, and other information—of current and former students.
07
Broadband service provider WhizComms recently notified 24,000 customers of a data breach—detected on April 21—that compromised their scanned images of NRICs, including images of work permits and visa approval documents.
08
A breach at Ambulance Victoria exposed confidential drug and alcohol test results of graduate paramedics, accessible by all staff members. The breach affected 600 results, including approximately 30 positive tests.
09
A new report by Abnormal Security noted that a group of Israel-based attackers launched more than 350 BEC campaigns over the last two years, against manufacturing, financial services, technology, retail, healthcare, energy, and media sectors.
10
Canada’s Absolute Software has entered into an arrangement agreement with venture capital firm Crosspoint Capital Partners. The agreement entails the acquisition of the cybersecurity firm at an enterprise value of $870 million.
