Blog Post

October 2022 Cyber Event Roundup

November 3, 2022

Table of Contents

Australian Clinical Labs Disclosed 9-Months Old Quantum Data Breach

Australian Clinical Labs (ACL), an Australian healthcare company, has disclosed a February 2022 data breach that impacted one of its businesses, and exposed sensitive information of 223,000 individuals. The data includes medical information, credit card details, and other personal information. The breach, which was due to an attack by the Quantum ransomware group, was disclosed around 9 months after it occurred. 

Kovrr Insights: Industry Benchmark

Kovrr’s Cyber Incidents Database has monitored several dozen Quantum attackers over the past 12 months. From monitored attacks it appears that Quantum mainly targets companies in the education industry, while the rest of the target industries are varied, and include government agencies and healthcare companies. 

Book a free demo with Kovrr's cyber risk management experts today.

Unsecured Database Leaks 3TB of Thomson Reuters Data

Thomson Reuters has been found to expose more than 3TB of customer data and other Thomson Reuters sensitive data on an unsecured ElasticSearch database. The data, which was discovered by researchers at Cybernews, contained among other things database connection logs, potentially allowing access of external actors to internal Thomson Reuters systems. 

Kovrr Insights: Industry Benchmark

This shows the potential high impact of exposed data, which can lead to high financial damage to targeted organizations.

Get a free ransomware report tailored directly to your organization's landscape.

Ursnif is Latest Financial Malware to be Repurposed as a Backdoor

The threat group behind Ursnif, a popular and long-lived financial malware, are the latest to repurpose their financial malware as a backdoor. This trend has already been seen in the past with many successful financial malware groups, such as Trickbot and Emotet, repurposing their attack tool as a backdoor. The main reason behind this repurposing is the desire of attackers to possess more modular tools, which will allow attackers to customize their attack tool in order to achieve access to organizations, and then perform various malicious actions.

Kovrr Insights: Cost of a Similar Incident

Through their partnerships with ransomware actors, these repurposed backdoors lead to high financial damages. For example, in the past the Emotet group has been associated with the Ryuk ransomware group. Ryuk ransomware was responsible for many high profile and high cost ransomware attacks, including an estimated €50M loss caused to the French IT company Sopra Steria.  

Guy Propper

Data Team Lead

Ask for a demo
By providing my contact information and ticking the box below, I agree to Kovrr's Privacy Policy and consent to communications from kovrr at the contact information provided.
Thank you!
Your submission has been received!
Oops! Something went wrong while submitting the form.
More Blog Posts
Explore All Blog Posts
Industry Recognition