
January 2024

Mortgage Lender Breached, 200k Exposed by LockBit's Citrix Bleed

Planet Home Lending (PHL) is a real estate and homeowner agency that assists consumers in finding and financing lasting homes. PHL has 20 locations, from California to Alabama and Spokane to New Orleans. Citrix Systems, a worldwide technology solutions provider, created one aspect of PHL’s network. In 2023, officials found Citrix to have a destructive vulnerability, which allowed cybercriminals to access the networks of Citrix clients.

ITRC 2023 SMB Impact Report; Experts Predict Fraud Tsunamis in 2024 and Beyond

The Identity Theft Resource Center (ITRC) is a non-profit organization that minimizes and mitigates the risks of identity threats. Their role as a reputable security solution enables them to collect and analyze data from survey respondents; this report asked questions of small business (SMB) owners and employees to better assess the state of identity threats.

Understanding Transport Layer Security and Its Mechanisms

We don't think about it much, but moving data from our devices to various online locations is a complex process. It's just a single click for us but involves countless communications between servers. All these steps mean that there are countless places for a malicious actor to intervene and steal data. Transport Layer Security (TLS) stands at the forefront of data transmission defense and ensures that your information remains private as long as it travels across secure connections.

Understanding Key Differences of IOA and IOC in Cybersecurity

Effectively responding to cyber threats is all about speed and information. Defense specialists must react quickly to repel attacks and mitigate damages. However, cybercriminals are playing a different game. Bad actors try to sneak in undetected, hide their tracks, and leave the good guys scratching their heads. Luckily, it's exceptionally challenging to eliminate the indicators of attack (IOA) and the indicators of compromise (IOC).

Inside A Zero Day Vulnerability: What to Know for Cybersecurity

Zero-day vulnerabilities have transformed into something of a boogeyman for business owners. They represent a significant threat to sensitive information and assets but are extremely challenging to respond to. Learning the importance of preemptive strategies for zero-day attacks is vital for individuals and organizations wanting to remain safe from threat actors.

How to Check If Someone Is Using My Identity

Nowadays, digital transactions and virtual interactions aren’t exactly optional. People can’t keep their information off the web due to professional reasons, and many processes are exponentially more convenient through an online profile. With the influx of data stored on the web, it’s a veritable treasure trove for malicious hackers. Bits and pieces of the personal details we nonchalantly put in online profiles can lead to severe identity theft cases.

Another Insurance Broker Breached; 1.5 Million Consumers Compromised

Keenan & Associates, a Californian insurance brokerage offering insurance and budgetary solutions for schools, community agencies, and healthcare organizations, has announced a significant data breach. The organization provides services to many industries and retains some data on behalf of its clients during its work.

National Brokerage Agency Breached in Oct 2023 Attack; 105k Records Exposed

First Financial Security, Inc. (FFS) is a nationwide insurance brokerage agency that assists insurance representatives in training, equipment, and licensing. They offer clients solutions for sustaining retirement funds and financial protection against untimely death, illness, and injury. They partner with other nationally recognized brokers, including Gerber Life Insurance and National Life Group. In October 2023, FFS faced a ransomware cyberattack; months later, the outcome was bittersweet.

Massive 344k Record Data Breach Following Credential Stuffing in Texas

Deli Management, Inc. does business as Jason’s Deli. It is an organization with over 250 deli shops located in 28 states. Since 1976, Jason’s Deli has been a popular solution for sandwiches and soups in the south and mid-eastern US. They offer various options for individuals and catering, including a rewards program called “Deli Dollars” and a website from which users can create an account and order food.

LoanDepot Updates on Cyberattack; 16.6 Million Potentially Compromised

Based in Irvine, California, LoanDepot is a nationwide mortgage lender. Their solutions assist homeowners in purchasing land and obtaining reasonable equity costs. They are licensed in 50 states and, in 14 years, have become the most significant nonbanking lender in the US. In the second week of January, we featured a piece on LoanDepot; at the time, they were in the throes of a cyber skirmish, fighting for control of their discombobulated systems.

Indiana Healthcare System Announces Data Breach; 132k Potential Exposures

The Columbus Regional Healthcare System (CRHS) spans ten counties in southeastern Indiana. The network includes over 2,400 employees, 200 physicians, and many volunteers. CRHS offers emergency and surgical solutions, primary and specialty care programs, and endless inpatient and outpatient service options. CRHS recently notified the Maine Attorney General’s Office of a breach within their systems; the event happened in May 2023 and has potentially compromised the data of 132,887 individuals.

Cyberattack Darkens Kansas State University, Network Disruptions Rampant

Kansas State University (K-State) is below Tuttle Creek Lake in northeast Kansas. The university serves 20,000 students, employs a complex faculty of emeritus, postdocs, and graduates, and offers over 50 programs. On Tuesday (January 16th, 2024), K-State published a statement concerning the disruption of some of its services; hours later, a preliminary investigation determined the cause of the disruptions came from a cybersecurity event.

Weekly Cybersecurity Recap January 19

This week was slow in the cybersecurity breach world; a combined 775k records got exposed stemming from two health centers (Singing River Health and Harris Center for Mental Health and IDD) and a nationwide mortgage lender (Academy Mortgage Corporation); a communications security solution (Egress) released a risk report urging action from business leaders; and Kansas State University suffered widespread disruptions, potentially compromising the sensitive data of their students and faculty.

Traditional Email Security is Failing; Business Leaders Must Evolve

Egress Software is a cybersecurity firm specializing in digital communications. They analyze security risks within emails, messaging, documents, file-sharing gateways, and more. In their line of work, humans are the most significant cybersecurity risk to any organization.

Academy Mortgage Faces Disruptions; Employee and Borrower Data Compromised

Academy Mortgage Corporation (AMC) is a nationwide mortgage lender and home loan estate professional group. The organization has over 200 branches throughout the US and numerous loan, mortgage, and financing options. In March 2023, AMC officials discovered a breach within their system network; the threat actor accessed and deactivated some of their securities, putting employees and borrowers at risk for compromised data.

Mental Health Center Targeted by Disruptions, Quarter of a Million Exposures

The Harris Center for Mental Health and Intellectual and Developmental Disabilities (IDD) has six regional locations and assists those with behavioral health and developmental needs. Every year, they serve thousands within Harris County and deliver over a million services nationwide. In November, Harris experienced a network disruption; an unauthorized actor accessed and compromised the data of 238,463 individuals within Harris’ network.

Singing River Health Strangled by Network Ransomware Encryptions

Singing River Health System (SRHS) is a healthcare network located in the tail of Mississippi (and northern Alabama). They provide a comprehensive network of medical services for residents, including cancer, emergency, hospice, pediatrics, and urgent care. SRHS’ emergency departments at Gulfport Hospital, Ocean Springs Hospital, and Pascagoula Hospital serve over 100,000 patients yearly.

Weekly Cybersecurity Recap January 12

This week’s featured cyber incidents included a combined 2.3 million, although one event remains under investigation. The week began with an update from the Edmonds School District regarding their January 2023 breach, which exposed 145,844 individuals. Three other breaches also updated information; NASCO led the group with an update on their 1.6 million breach stemming from MOVEit.

Blue's NASCO Updates: 1.6 Million Records Exposed by MOVEit

NASCO provides various healthcare solutions to serve Blue Cross and Blue Shield members. They offer a comprehensive portfolio of services and use industry insights to project the needs of their 20 million clients. Thanks to third-party vendors specializing in unique services, NASCO can serve millions of individuals. Progress Software’s MOVEit tool was one of these specialized vendors. The tool allows for streamlined file management and was used globally as a multi-industry option.

Medical Services Targeted: Half a Million Records Stolen in May 2023 Cyber Event

Electrostim Medical Services Inc. (EMSI) is a healthcare servicer in Tampa, Florida. They create and disperse home electrical stimulation devices, brace accessories, pain management solutions, and physical rehabilitation tools. They offer a range of products, from wearable, flexible garments to electrotherapy devices for pain relief. EMSI serves over 70,000 patients and employs another 400 from the Tampa Bay area.

Another Mortgage Lender Embattled; LoanDepot Faces Disruptions

LoanDepot is one of the nation’s most widespread nonbank mortgage lenders, offering financial solutions and opportunities to homeowners. Based in Irvine, California, LoanDepot allows homeowners to purchase land, refinance it, and strike the best deal in equity costs. After coming into existence in 2010, their history became one of upward growth; two years later, they were licensed in all 50 states and began expansions.

School District Updates on Event: Victim Number Continues to Rise

Edmonds School District (ESD) is in south Snohomish County, Washington. The district involves 35 schools, including Brier, Edmonds, Lynnwood, and Woodway institutions. The faculty of these schools serve over 20,000 grade-school students, with nearly 1,300 teachers leading diverse learning environments. Almost a year ago, ESD noticed suspicious activity within their network; after an investigation, officials determined the cause was a cybersecurity event.

What is an EMV Chip Card, and How Does it Store Your Data?

For over a decade, the magnetic stripe was the authentication tool behind modern-day credit cards. Magnetic stripe technology was developed in the late 1960s, but it took time before widespread use. It wasn't until 1994 that EMV technology was developed, leading to the cards with the little chips embedded in them. Europe quickly embraced the EMV chip card, but the United States and Canada have taken longer.

Weekly Cybersecurity Recap January 5

This week, 2024 started with destructive numbers. Transformative Healthcare was featured early on; their breach happened in February 2023 and may impact over 900k people, including patients and former FAS employees. Bunker Hill Community College announced updates to their 2023 incident, where assailants released ransomware and stole an estimated 195k records.

Half a Million Patients Exposed in North Kansas Hospital Vendor Breach

The North Kansas City Hospital (NKCH) is just north of the Missouri River in North Kansas City, Missouri. The hospital boasts a considerable campus with 450 beds and over 100 more physicians. They provide nearly 50 medical specialties, including cancer, oncology, cardiology, women’s, and emergency care programs. The facility has served patients in the area for over 60 years; however, their recent breach may cause patients to receive care elsewhere.

Integris Health's Breach-Oklahoma Patients Extorted, Jan. 5th Deadline

Integris Health is one of Oklahoma’s largest medical networks; they operate hospitals, clinics, and urgent care from their 24 non-profit campuses. Integris commands over 1,800 patient beds across its facilities, with nearly as many physicians. At the end of November, Integris published a notice on their website; not only had cybercriminals breached their security and accessed patient data—the criminals also began extorting their victims.

Hundreds of Thousands of Records Stolen from Washington Cancer Center

Fred Hutchinson Cancer Center (FHCC) is a three-location care network that delivers solutions for cancer patients. They are an independent organization that provides experience for the University of Washington’s Medicine programs. FHCC’s multiple locations allow for over 400 treatment trials, giving even patients with advanced diagnoses hope for the future.

The First Breach of 2024: Transformative Healthcare; Data Stolen from +900k Victims

Our first breach report of 2024 concerns Boston’s retired Fallon Ambulance Service (FAS). When operating, FAS was a medical transcription company serving emergency services and other affiliated companies. Transformative Healthcare (TH) oversaw FAS as a support component of their telephone services. TH absorbed FAS in December 2022 but retained patient data in compliance with their legal obligations.

Boston-Based Community College, Bunker Hill, Updates on 2023 Ransomware Event

Bunker Hill Community College (BHCC) serves a population of about 13,000 across two campuses and dispersed locations. BHCC offers over 100 degrees, including arts, sciences, business, health, law, and STEM opportunities. In May 2023, BHCC experienced a ransomware event—officials responded by taking their systems offline—but the threat was successful nonetheless. The assailants stole an estimated 195,588 records in their attack.