Latest security breaches
No sector is immune from cyber criminals. This month we’re looking at examples from different sectors that have recently been impacted by data breaches and ransomware attacks.
Healthcare is a regular target for cyber criminals due to the sensitive data health organisations hold about patients. Welltok, a healthcare SaaS provider, experienced a significant data breach that compromised the personal information of nearly 8.5 million patients in the U.S., while Truepill, a B2B pharmacy platform, suffered a data breach affecting over 2.3 million individuals, exposing sensitive personal information such as full names, medication types, and demographic details.
The public sector is another key target, impacting both citizens and public sector employees as these recent examples show. A cyber attack shut down the Washington State Department of Transportation’s website causing disruptions in accessing real-time travel information. Current and former employees of the Canadian government including Canadian Armed Forces members, and Royal Canadian Mounted Police personnel, had their sensitive information exposed due to a data leak. The British Library, sponsored by the British Department of culture, media and sport, and one of the largest libraries in the world, was the victim of a ransomware attack that resulted in the exposure of internal human resources data. The ransomware group has claimed responsibility, setting a starting price of 20 bitcoins (approximately $750K) as a ransom with seven days deadline.
Two organisations in the travel sector recently experienced data breaches, putting customers data at risk. Marina Bay Sands luxury resort in Singapore suffered a significant data breach, impacting 665,000 customers' loyalty program data. The resort has launched an investigation, strengthened its systems, and reported the incident to relevant authorities, but it is unclear if it was a ransomware attack. Taj Hotels group also suffered a massive data breach, potentially exposing personal information of around 1.5 million people.
Retailers aren’t exempt from attack. AutoZone, a leading automotive parts retailer, suffered a data breach as part of the Clop MOVEit file transfer attacks, compromising the data of nearly 185,000 individuals. Samsung disclosed a data breach that occurred on its UK online store. The breach was discovered in November 2023 and impacted customers' contact information. This is the third cyber security incident impacting Samsung in two years, raising concerns about the company's ability to protect customer information and fulfil its security promises.
Manufacturers are also affected. Kyocera AVX Components Corporation experienced a data breach, exposing personal information of over 39,000 individuals, following a ransomware attack. The breach involved the encryption of systems and resulted in the theft of personal data, including full names and social security numbers. Meanwhile, aerospace manufacturer Boeing is dealing with a cyber incident that targeted its parts and distribution business. This comes after the Russia-linked LockBit ransomware group claimed responsibility for a cyberattack on Boeing and threatened to publish sensitive data if a ransom demand was not met. Yamaha Motor Philippines also suffered a ransomware attack, resulting in the unauthorised access and leakage of employees' personal information.