Week 41 Cyberattack Digest 2019 – Tū Ora Compass Health, Baltimore, X4Crow and others
We have some hot cyber news for you! If you have been waiting for our new week 41 cyberattack digest, we are sure you’ll like our latest article compilation.
New Zealand health organization puts its servers offline following a cyberattack
by Infosecurity Magazine – 7 October, 2019
Tū Ora Compass Health, a health organization from New Zealand, was affected in a major security incident back in August. Recently, the company has revealed certain evidence of attacks that had taken place three years ago.
After the cyber incident the company decided to put its servers offline and started working on the improvements of its security. Last week, the primary health organization (PHO) revealed that as a result of an investigation held by authorities, including the police, Ministry of Health, and the National Cyber Security Centre, evidences of several attacks dating from 2016 to early 2019 had been revealed.
“As stewards of people’s information, data security is of utmost importance to Tū Ora Compass Health. We are devastated that we weren’t able to keep people’s information safe. While this was illegal and the work of cybercriminals, it was our responsibility to keep people’s data safe, and we’ve failed to do that,” explained Martin Hefford, chief executive officer of Tū Ora Compass Health.
Baltimore decides to purchase a cyber insurance
by The Wall Street Journal – 16 October, 2019
The purchase of $20 million in cyber insurance coverage by Baltimore has been approved by officials. The decision was made five months after a disastrous ransomware attack.The city decided to buy specialized insurance in sight of a growing threat of ransomware attacks on municipal computer systems, which potentially can bring losses up to $1 million. The city did not have any insurance in the past and now it the estimated attack cost may sum up to about $18 million.
The policies chosen by Baltimore’s five-member Board of Estimates will consist of incident-response coverage, business-interruption loss and ransom payments. In total a pair of policies, one from Chubb Insurance and the other from AXA XL Insurance, will cost some $835,000. “As the world changes and as criminal acts change, you have to adjust. This is an adjustment well worth it to protect the citizens of Baltimore and most importantly protect their taxpayer dollars in the event this happens again,” City Council President Brandon Scott commented.
Data of 92 million Brazilians is being sold online
by Global Government Forum – 9 October, 2019
It recently came to light that personal details of 92 million Brazilian citizens is being sold on the ‘dark web’. The information includes names, dates of birth and taxpayer IDs. The incident has been characterized as one of the biggest government data breaches in history.
The data was put on sale by a user known as X4Crow. The seller says that he or she possesses details of about a half of Brazil’s 209 million citizens, which is equal to the country’s entire working population.
X4Crow promotes the auction on multiple restricted-access underground markets. On one of the forums, the seller says that he or she owns a database with some 16GB of data. The price for the auction is US$15,000 with a step-up bid amounting to US$1,000.
While it remains unknown how exactly the malefactor managed to get the data, it is said to be a government database, which can not be confirmed officially.