United States – Consulate Health Care
Exploit: Ransomware
Consulate Health Care: Healthcare Services Company
Customers Impacted: Unknown
More Info: https://securityaffairs.com/140452/cyber-crime/consulate-health-care-hive-ransomware.html

Risk to Business: 1.221 = Extreme

Consulate Health Care, a large provider of specialty healthcare services for seniors, has been hit by the Hive ransomware group. Hive recently leaked 550 GB of data that it claims to have stolen in the attack, including PHI and PII. The attack took place on December 3rd, 2022, and it was disclosed on January 6, 2023. The gang claims to have stolen a wide array of data, including contracts, NDA documents, proprietary company data (internally facing budgets, plans, evaluations, revenue cycle, investors relations, company structure, etc.), employee PII (social security numbers, emails, addresses, phone numbers, photos, insurances info, payments, etc.), and patient PII and PHI (medical records, credit cards, emails, social security numbers, phone numbers, insurances, etc.). This deluge of data was revealed on Hive’s dark web leak site after Consulate Health Care apparently refused to pay an unspecified ransom.

Individual Risk: No consumer PII or financial data loss was disclosed in this breach as of press time.

United States – Des Moines Public Schools
Exploit: Ransomware
Des Moines Public Schools: Municipal Education Authority
Customers Impacted: 30,000 Students
More Info: https://therecord.media/iowa-school-district-cancels-classes-another-day-due-to-cyberattack/

Risk to Business: 1.837 = Severe

Des Moines Public Schools, a system that serves more than 30k students, was forced to suspend classes for two days following a suspected ransomware on January 9. A district official said that the district was forced to take its systems offline after discovering the incident to limit the damage. The district was able to return to in-person learning on January 12. However, it experienced ongoing problems with its virtual learning and student information system, Infinite Campus, and its phone systems that have since been resolved. Many students were also left without Wi-Fi on campus, and access to networked systems within individual schools was also impacted.  

Individual Risk: No consumer PII or financial data loss was disclosed in this breach as of press time.

United States – Bay Bridge Administrators
Exploit: Hacking
Bay Bridge Administrators: Employee Benefits Administrator
Customers Impacted: 250,000 Individuals
More Info: https://www.securityweek.com/251k-impacted-data-breach-insurance-firm-bay-bridge-administrators

Risk to Business: 1.981 = Severe

Texas-based employee benefits administration firm Bay Bridge Administrators says that it was the victim of a successful cyberattack that may have exposed the data of more than 250K people. Bay Bridge Administrators disclosed that on August 15, 2022, a threat actor gained unauthorized access to the Bay Bridge Administrators network and used that access to exfiltrate certain data on September 3, 2022. An investigation determined that PHI and PII were exposed in the incident and subsequently began notifying those whose data had been stolen. The information about employees whose benefits Bay Bridge Administrators managed includes names, addresses, birth dates, Social Security numbers, ID and driver’s license numbers, and medical/health insurance data.  

Individual Risk: No consumer PII or financial data loss was disclosed in this breach as of press time.