.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: Intellihartx, a company providing patient balance resolution services to hospitals.
The Take: Personal information of roughly 490,000 individuals, including names, addresses, insurance data and medical billing, diagnosis and medication information, birth dates, and Social Security numbers.
The Vector: The cyberattack exploited a zero-day vulnerability in Fortra’s GoAnywhere managed file transfer software. Tracked as CVE-2023-0669 and leading to remote code execution, the flaw had been exploited starting January 28.
This breach is critical reminder that zero-day exploits do happen, and furthermore that patching software in a timely, effective manner is a key component of ensuring customer data is protected. Ensuring third-party vendors are deploying patches and fixes in accordance with a firm’s cybersecurity policy is an important step in an overall robust security posture.
Forbes: The escalating frequency and severity of cyberattacks has made it clear that organizations must fortify their defenses to safeguard sensitive information and maintain the trust of customers and stakeholders.
Financial Standard: The California Public Employees' Retirement System (CalPERS) is alerting its retired members and their relevant family members that some of their personal information was downloaded in an attack on one of its third-party providers' systems.
US News: Australian Perpetual confirmed an extended tech outage over an IT security incident, affecting some of its funds, though the fund manager reaffirmed that all its client investments and its own systems were unaffected and secure.
Yahoo Finance: Artificial Intelligence is a doubt-edged sword for cybersecurity. For example, a key talking point at the RSA Conference 2023, as cited on techtarget.com, was the multifaceted impact of OpenAI's GPT-4 on cybersecurity.
Dark Reading: The cyber landscape continues to evolve as its economy grows. Ransomware attacks already account for trillions of dollars in damages to enterprises each year and standardized and sophisticated offerings such as ransomware-as-a-service and phishing-as-a service will soon become commonplace.
The Record: James Babbage, the head of the United Kingdom’s National Cyber Force (NCF), is to leave his role commanding the nation’s elite hacking capabilities later this month to take the reins at the National Crime Agency’s (NCA) directorate for economic and organized crime threats.
MSN: The European Investment Bank (EIB) has been hit by a cyber attack suspected to have been orchestrated by Russian hackers, days after threats to bring down the Western financial system.
The Target: Scranton Cardiology
The Take: Exposure of Personally Identifiable Information including: full names, physical addresses, dates of birth, social security numbers, driver’s license, passport numbers, credit card and bank number details, and some medical information.
The Vector: The breach occurred through a “brute-force” attack where the threat actor uses a program to sequentially try every combination to a password protected system.
This breach is a critical reminder of standards and processes around password hygiene. Length and complexity for passwords, no matter where in a firm’s system they are set, is crucial for a robust overall cyber-security posture. When attackers gain access to legitimate employee credentials, they can act with all the permissions and privileges belong to the user.
OpenPR: Cybersecurity-as-a-Service is a cloud-based approach to outsourcing cybersecurity, where security services are provided on a subscription basis and hosted by cloud providers.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy