Recent Cyber Security Breaches: Microsoft, Panasonic and More

cyber security breaches

As a managed IT service provider it is important to us to make sure to stay in know about the latest cyber security breaches. Every few weeks we like to share our findings with you here on our blog. Please take a peek below to learn more about some of the most recent cyber security attacks here and around the world.

Microsoft (United States)

Software Company

The Hack: Unauthorized Access

Quick Summary: “The Lapsus$ gang has released 37GB of source code that they snatched in a brazen hit on Microsoft’s Azure DevOps server. Microsoft confirmed the incident, saying that the threat actors gained access through a compromised employee account. The source code looks to pertain to various internal Microsoft projects, including for Bing, Cortana and Bing Maps. Microsoft made a blog post about its recent operations to track and potentially interfere with Lapsus$ last week. The company was quick to state, “Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.” Lapsus$ is known to be a ransomware outfit, but no ransom activity was disclosed in this incident.” -ID Agent

Read More Here >> Microsoft confirms they were hacked by Lapsus$ extortion group

 

Panasonic (Canada)

Electronics Maker

The Hack: Ransomware

Quick Summary: “TThe Conti ransomware group has claimed responsibility for an attack on Panasonic’s Canadian operations in February 2022. Panasonic confirmed that it had been the victim of a ransomware attack that impacted its systems, processes and networks. The company says that it has contracted with outside experts to investigate the attack as well as clean and restore servers and rebuild applications. No word was available about what if any data was stolen by the attackers. Panasonic says that relevant authorities have been informed.” -ID Agent

Read More Here >> Panasonic says Canadian operations hit by ‘targeted’ cyberattack

 

Morgan Stanley (United States)

Financial Services

The Hack: Social Engineering (Vishing)

Quick Summary: “Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised in a vishing attack. The company notified clients that on or around February 11, 2022, a threat actor impersonating Morgan Stanley gained access to their accounts by impersonating a Morgan Stanley representative and persuading those victims to provide the imposter their Morgan Stanley Online account info. After successfully breaching their accounts, the attacker also electronically transferred money to themselves using the Zelle payment service. No specifics have been given regarding the number of customers swindled, but the firm has stated that those clients were reimbursed.” -ID Agent

Read More Here >> Morgan Stanley client accounts breached in social engineering attacks

 

Scottish Association for Mental Health (Scotland)

Healthcare Provider

The Hack: Ransomware

Quick Summary: “The RansomEXX ransomware group hit the Scottish Association for Mental Health, snatching 12 GB of sensitive client data from the charity. The organization confirmed the attack in a statement, explaining “We are devastated by this attack. It is difficult to understand why anyone would deliberately try to disrupt the work of an organisation that is relied on by people at their most vulnerable.” Attackers reportedly gained access to internal employee communications as well as other data sources. The charity has also said that they’re working with Police Scotland to resolve the situation. No ransom demand was made public.” -ID Agent

Read More Here >> Scottish mental health charity “devastated” by heartless RansomEXX ransomware attack

 

Snap On (United States)

Tool Manufacturer

The Hack: Ransomware

Quick Summary: “Major tool manufacturer Snap-on has disclosed that it has been the victim of a ransomware attack. The Conti ransomware group has claimed responsibility. The group has already begun leaking Snap-on’s data online. Snap-on reported that the breach was discovered when it detected suspicious network activity, which led to them shutting down company systems. Employee and franchisee data was compromised.” -ID Agent

Read More Here >> Snap-on discloses data breach claimed by Conti ransomware gang

 

The Rehab Group (Ireland)

Disability Services Provider

The Hack: Malware

Quick Summary: “One of the largest disability services providers in Ireland, The Rehab Group has fallen victim to a cyberattack. The company says that there is no evidence that data had been accessed. The investigation is still ongoing, with the Garda National Cyber Crime Bureau and the National Cyber Security Centre involved.” -ID Agent

Read More Here >> Rehab Group falls victim to cyber attack

 

To learn more about how to keep your company safe and secure from cyber security attacks, click here to explore our San Diego IT Services & IT Security plans that are offered by SDTEK.

Leave a Reply