Week 8 Cyberattack Digest 2019 – University of Washington Medicine, Melbourne Heart Group, Toyota, and others
We hope you like our traditional cyber attack digests as we do. If so, enjoy our new week 8 cyber attack digest.
Toyota employees cannot access the email system
by The Sydney Morning Herald – 20 February 2019
Toyota car maker has been affected by a cyber attack in Australia. As a result, the company’s employees were locked out of their emails for days.
Organization’s Australian servers were hit last Tuesday, after which the company decided to start an investigation involving federal authorities, and currently it is still unknown who was behind the malicious cyber actions. Company’s officials contacted international cyber security experts to get its operating systems back online. As the email system remains inaccessible for employees, all the staff members were instructed to use “face-to-face communications, phone and text until emails are recovered. Also, the company website’s contact page has been temporarily replaced with a message informing the visitors that the page is “under maintenance”.
Misconfiguration exposed data of 974,000 patients
by SC Media – 21 February
You should always keep in mind that hackers are not the only thing to be aware of: misconfigurations may sometimes cause way much bigger troubles. As a result of a misconfiguration that affected a database of University of Washington (UW) Medicine, over one million personal health information records got exposed. According to the university’s officials, a website server was searchable on the internet throughout almost all the December 2018 and anyone could easily access data on 974,000 patients. UW commented that the delay in reporting the incident was caused by the time spent on conducting the initial investigation. As for the exposed files, the accessible records consisted of patient names, medical record number, with whom UW Medicine shared the information, a description of what information was shared and the reason for the disclosure. Some files also included the name of a lab test or the name of the research study including the name of a health condition. Among the expose data, there were no specific medical records, patient financial information or Social Security numbers. “At this time, there is no evidence that there has been any misuse or attempted use of the information exposed in this incident,” UW officials said.
Patient’s data at Melbourne heart specialist clinic got affected
by The Guardian – 21 February 2019
Unfortunately, that was not the only incident that touched the healthcare sphere last week. A patient’s files have been scrambles at a Melbourne heart specialist clinic. Experts reportedly characterized the incident as a ransom attempt. The Australian Cyber Security Centre has confirmed that currently, it is providing assistance to the Melbourne Heart Group. “As the matter is ongoing, it is not appropriate to comment further,” the center ’s spokesman commented. The Australian federal police were also involved in the ongoing investigation. Security experts have concluded that the malware that was applied for breaking into the unit’s security network is believed to originate from North Korea or Russia, while the origin of the malefactors is not clear yet. It is also unknown whether the clinic had paid the ransom to the fraudsters and how many files had been compromised. “I don’t want to make any further comment. We’re extremely busy and have got a lot of patients coming in,” Melbourne Heart Group spokeswoman announced.
Iran-based hackers are back again
by The Wall Street Journal – 25 January 2019
No, this wasn’t on purpose, but this article also covers
Last week, there was a burst of cybersecurity news that touched Australia, bul this is obviously not the only country that gets attacked regularly. To learn more, follow us on Twitter, Facebook, and LinkedIn.