Book a meeting with us at Gartner 2024

Blog Post

October 2022 Cyber Event Roundup

November 3, 2022

Resources
/
Blog
/
October 2022 Cyber Event Roundup
Table of Contents
H2
H2
H2

Australian Clinical Labs Disclosed 9-Months Old Quantum Data Breach

Australian Clinical Labs (ACL), an Australian healthcare company, has disclosed a February 2022 data breach that impacted one of its businesses, and exposed sensitive information of 223,000 individuals. The data includes medical information, credit card details, and other personal information. The breach, which was due to an attack by the Quantum ransomware group, was disclosed around 9 months after it occurred. 

Kovrr Insights: Industry Benchmark

Kovrr’s Cyber Incidents Database has monitored several dozen Quantum attackers over the past 12 months. From monitored attacks it appears that Quantum mainly targets companies in the education industry, while the rest of the target industries are varied, and include government agencies and healthcare companies. 

Book a free demo with Kovrr's cyber risk management experts today.

Unsecured Database Leaks 3TB of Thomson Reuters Data

Thomson Reuters has been found to expose more than 3TB of customer data and other Thomson Reuters sensitive data on an unsecured ElasticSearch database. The data, which was discovered by researchers at Cybernews, contained among other things database connection logs, potentially allowing access of external actors to internal Thomson Reuters systems. 

Kovrr Insights: Industry Benchmark

This shows the potential high impact of exposed data, which can lead to high financial damage to targeted organizations.

Get a free ransomware report tailored directly to your organization's landscape.

Ursnif is Latest Financial Malware to be Repurposed as a Backdoor

The threat group behind Ursnif, a popular and long-lived financial malware, are the latest to repurpose their financial malware as a backdoor. This trend has already been seen in the past with many successful financial malware groups, such as Trickbot and Emotet, repurposing their attack tool as a backdoor. The main reason behind this repurposing is the desire of attackers to possess more modular tools, which will allow attackers to customize their attack tool in order to achieve access to organizations, and then perform various malicious actions.

Kovrr Insights: Cost of a Similar Incident

Through their partnerships with ransomware actors, these repurposed backdoors lead to high financial damages. For example, in the past the Emotet group has been associated with the Ryuk ransomware group. Ryuk ransomware was responsible for many high profile and high cost ransomware attacks, including an estimated €50M loss caused to the French IT company Sopra Steria.  

Guy Propper

Data Team Lead

Download
Ask for a demo
By providing my contact information and ticking the box below, I agree to Kovrr's Privacy Policy and consent to communications from kovrr at the contact information provided.
Thank you!
Your submission has been received!
Oops! Something went wrong while submitting the form.
More Blog Posts
Explore All Blog Posts
Read More

April 25, 2024

New Drill Down Feature Illuminates a Deeper View of Cyber Risk Drivers

Unlock insights and optimize cybersecurity programs with Kovrr's Drill Down feature.

Read More

April 11, 2024

Cyber Risk Quantification (CRQ) Models: How to Choose the Right One

Explore cyber risk quantification models to find the most accurate for empowering risk managers with precise forecasts.

Read More

April 9, 2024

Material Incident Reporting Obstacles in SEC Cybersecurity Disclosures

The SEC's new cybersecurity regulations are failing to ensure consistent disclosures regarding material cyber events.

Industry Recognition

Kovrr financially quantifies cyber risk on demand. Our technology enables decision makers to seamlessly drive actionable cyber risk management decisions.

© 2023 Kovrr. All rights reserved.
Privacy-Shield-NoticePrivacy-PolicyTerms of Use
Design by Streetlight