Weekly Cybersecurity Recap January 26
Table of Contents
- By Steven
- Jan 26, 2024
This week in cybersecurity saw billions of records fall into the hands of criminals. The week began with a report of 132k records compromised from an Indiana healthcare system. Soon after, the public received an update on the LoanDepot event from the beginning of this year, reporting 16.6 million exposures. Jason’s Deli also announced a breach worth 344k compromised records in Texas and the southern US. First Financial Security, a life insurance provider, also announced a 105k record breach event. Finally, towards the end of the week, news broke following the discovery of a compilation database; the storage reportedly held 26 billion records—most of them collected from previous cyber incidents. Read more about each event below.
Columbus Regional Healthcare System
Starting the week, CRHS—based in Indiana—announced a breach through the Maine Attorney General. However, much about the event was limited. According to the information available, an unauthorized assailant accessed and removed data from CRHS’ network in May 2023. CRHS has suggested victims of their breach may have compromised names and Social Security Numbers (SSNs). However, the assailant could have accessed more in their assault. Victims of this event must consider monitoring services to protect their identities and personal data from criminal misuse.
The most significant event this week came in the form of an update. We first featured LoanDepot in the beginning days of the new year; back then, they fought system disruptions stemming from an unauthorized actor’s encryptions. This week, we obtained a public statement from LoanDepot’s micro website with an update on the event. According to this most recent statement (January 22nd), the threat actors successfully stole personal, sensitive data. Consequently, all associates with ties to LoanDepot or one of their subsidiaries must act to safeguard their data from misuse.
The first credential stuffing incident of 2024 was hit Jason’s Deli in December. Like all stuffing incidents, the breach stemmed from cybercriminals using stolen data to access and manipulate users’ accounts. The attack on Jason’s Deli was made possible by users creating the exact account details, like the same username and password from other websites; when the criminals accessed one of those organizations, it technically breached all other accounts with the exact information. Jason’s Deli is now facing the consequences of a breach that may have happened months or years ago. Those at risk in Jason’s breach are members of their Deli Dollar rewards program and those with a Deli online account.
First Financial Security
A nationwide insurance organization with partners, including Gerber Life Insurance, National Life Group, and FFS, had a ransomware attack in October 2023. Their security stopped the attack, but the assailants accessed some data during the event. The data elements include names, SSNs, and “personal details” associated with some FFS groups. These groups include those who have been an insurance agent or purchased a life insurance plan or annuity from FFS—or an affiliated partner.
Compilation Database Discovery
Towards the end of the week, Cybernews released a report about a discovered database, dubbed the “Mother of All Breaches.” The database reportedly contains the data of more than 3,800 organizations, from MySpace and LinkedIn to X (Twitter) and Adobe. The database purportedly contains data exposed during previous events, but new information is likely mixed in. Investigations are likely to open as more organizations learn of their breaches. In the meantime, experts are pushing internet users to take more precautions. Update and change passwords, utilize multi-factor authentications, and never confirm or deny information when inquired.