Home – Reports – Weekly Cyber Digest – Weekly Cyber Digest:26 November – 02 December 2021
02 December 2021
Silobreaker’s Weekly Cyber Digest is a quantitative summary of our threat reports, published every Thursday. The reports are created using our award-winning intelligence product Silobreaker Online.
Trending Vulnerable Products
Name | Heat 7 |
---|---|
IBM QRadar | ![]() |
HP LaserJet | ![]() |
Network Security Services | ![]() |
IBM MQ Appliance | ![]() |
Acronis Cyber Protect | ![]() |
Name | Heat 7 |
---|---|
Linux OS | ![]() |
Microsoft Windows | ![]() |
Apple iOS | ![]() |
Microsoft Edge | ![]() |
Raspberry Pi | ![]() |
The tables show the products which have been mentioned more than usual during the last week in connection with vulnerabilities.
Data Leaks & Breaches
Company | Information | Affected |
---|---|---|
Swire Pacific Offshore (Scotland) | The company suffered a cyberattack that resulted in the loss of some confidential commercial and personal data. Clop ransomware listed the company on their leak site on November 24th, 2021. | 1,000 |
Supernus Pharmaceuticals (US) | The company was added to the Hive ransomware operators’ leak site following a ransomware attack in mid-November 2021. Hive claim to have exfiltrated 1.5TB of data from the company, and encrypted their files on November 14th, 2021. | Unknown |
Alberta Health (Canada) | The province’s COVID-19 vaccination record website was taken down following a possible privacy breach revealed on November 25th, 2021. At least 12 users were able to download the names, dates of birth, and vaccine information of other people from the website. | Unknown |
National Database and Registration Authority (Pakistan) | Pakistan’s Federal Investigation Agency discovered the authority’s biometric database was compromised following a hack of the SIM verification process. The compromised verification methods are used in the sale of fake SIM cards and financial fraud cases, mostly aimed at elderly individuals. | Unknown |
True Health New Mexico (US) | On October 5th, 2021, an unauthorised third party gained access files that contained information about current and former members, certain providers, and former members of New Mexico Health Connections. Compromised data possibly includes names, dates of birth, ages, home addresses, email addresses, insurance information, Social Security numbers, and more. | Unknown |
Panasonic (Japan) | The company’s internal network was targeted in a cyberattack, with the attacker gaining access to the network between June 22nd and November 3rd, 2021. Certain data on a file server was accessed. | Unknown |
One Community Health (US) | The organisation reported a data breach on November 22nd, 2021, that occurred on April 20th. Patients’ names, dates of birth, addresses, Social Security numbers, insurance information, and more, may have been exfiltrated. Pysa ransomware operators allegedly added the organisation to their leak site earlier this year. | Unknown |
Vestas (Denmark) | The company was targeted in a ransomware attack on November 19th, 2021. The company’s internal systems were affected and data was compromised. | Unknown |
Headwaters Health Care Centre (Canada) | A data breach occurred on November 26th, 2021, following suspicious email activity the previous day. A number of spam emails were sent from Headwaters servers to recipients in their address book. | Unknown |
Tasmania’s Department of Police, Fire and Emergency Management (Australia) | Threat actors attempted to breach police employee accounts 844 times over the past 12 months. One compromised login was found to be for sale on the dark web, while a section of the Tasmania Fire Service website was taken over by hackers for more than two weeks. | Unknown |
CS Energy (Australia) | The company responded to a ransomware attack on November 30th, 2021. The attack did not impact electricity generation at Callide and Kogan Creek power station. | Unknown |
Kentucky Energy and Environment Cabinet (US) | On September 8th, 2021, the ECC discovered that unredacted mining permit applications were publicly available at the Department of Natural Resources’ field offices and on an EEC-hosted website. These included some mine owners’ and controllers’ personal information, such as Social Security numbers. | Unknown |
DNA Diagnostics Center (US) | An unauthorised party accessed a database containing personal information between May 24th and July 28th, 2021. The attacker may have removed certain files containing information collected between 2004 and 2012. Among the impacted data are full names, Social Security numbers, payment information, and more. | 2,102,436 |
Medsurant Health (US) | On September 30th, 2021, an unknown threat actor informed the company that data had been accessed and exfiltrated in an attack against their systems. Exfiltration began on September 23rd, and was ongoing until November 12th, 2021. Potentially compromised information includes names, addresses, dates of birth, Social Security numbers, medical diagnosis, and insurance claims information. | ~ 45,000 |
Conseil des écoles publiques de l’Est de l’Ontario (Canada) | In a ransomware attack on October 18th, 2021, attackers stole around 75GB of data dating back to 2000. Possibly stolen information on employees, students, and parents includes Social Insurance numbers, bank account numbers, credit cards numbers, and dates of birth. The school board confirmed that a ransom was paid. | Unknown |
Broward County Public Schools (US) | An unauthorised attacker gained access to their systems between November 12th, 2020, and March 6th, 2021. Possibly compromised data on staff and students includes names, dates of birth, Social Security numbers, and health insurance plan information. | Unknown |
Planned Parenthood LA (US) | An unauthorised actor gained access to the organisation’s network between October 9th and October 17th, 2021, installed ransomware, and exfiltrated files. The compromised files included information such as names, dates of birth, addresses, insurance identification numbers, and more. | 400,000 |
Attack Type mentions in Banking & Finance
This chart shows the trending attack types related to the Banking and Finance industry within a curated list of cyber sources over the past week.
Weekly Industry View
News and information concerning each mentioned industry over the last week.
Silobreaker’s Weekly Cyber Digest is a quantitative summary of our threat reports, published every Thursday. The reports are created using our award-winning intelligence product Silobreaker Online.