Over the past week, American Family Insurance (AFI) customers have been reporting outages for several of the company’s services, and officials have confirmed that these issues were caused by a cyberattack. Staff at AFI began noticing some unauthorized activity on their internal network and quickly shutdown portions of their system to isolate the intrusion, causing temporary outages to their website and billing services. While the investigation into the cyberattack is still ongoing, it is unclear if ransomware was the culprit, or if any sensitive information was compromised during the incident.
Okta support system breached with stolen credentials
At the beginning of the month, an Okta customer contacted the Okta support case management team regarding a potential breach, after identifying unauthorized access from an Okta administrator account. Officials from Okta did not confirm the breach until 2 weeks later, and their investigation revealed that compromised credentials had played a significant part in the breach, leading to the company notifying affected customers. This is just the latest in a recent string of data breaches at Okta, after another security incident at the beginning of 2022, which exposed a large amount of customer data.
RagnarLocker ransomware taken down by law enforcement operation
Over the weekend, officials from Europol revealed that multiple individuals behind the RagnarLocker ransomware group had been arrested across Europe, and the group’s leak site and system infrastructure has been seized by authorities. With the combined efforts of several law enforcement agencies throughout Europe, the 6 potential suspects were taken into custody, while one home in the Czech Republic was thoroughly raided for evidence.
Canadian health services provider suffers cyberattack
Early this week, the Canadian health services provider, TransForm suffered a cyberattack that has impacted operations at the five healthcare facilities that rely on the shared services. TransForm is a hospital-founded shared provider that manages all IT, supply chain, and payroll services for the 5 organizations, and which is relied on for scheduling patient procedures and daily patient care. The initial attack vector is still unclear, as well as the threat group responsible for targeting yet another healthcare provider.
City of Philadelphia waits 5 months to reveal data breach
After first discovering a security breach at the end of May, officials for the City of Philadelphia in Pennsylvania have finally revealed that their internal email system had been compromised, leading to the exposure of sensitive citizen information. More worrying is that Pennsylvania law states that breach disclosures must happen within 7 days of identifying a security incident, and the city waited nearly 5 months to contact affected individuals and release a public statement.
