CyberSecurity SEE

Data breaches and the risk associated with third-party involvement.

Washington State Food Services Worker Data Compromised in Massive Breach

A significant data breach has occurred in the US state of Washington, impacting food service workers in the region. The Tacoma-Pierce County Health Department (TPCHD) recently announced that the Washington State Food Worker Card online training system database was breached, potentially affecting anyone employed in food service in the state prior to 2019. The breach involved unauthorized access to a database containing the personal information of approximately 1.5 million individuals, which accounts for approximately 20% of Washington’s population.

According to Kenny Via, the public information officer and content manager for TPCHD, the breach affected such a large number of individuals because the department handles food worker cards for nearly everyone in the state. While the exposed records did contain nearly 10,000 driver's license numbers, it is important to note that Washington has since implemented a new numbering system for driver's licenses, so most of the impacted individuals likely have new license numbers.

Following the breach, TPCHD switched to a new support vendor that upgraded their systems from a legacy Adobe Flash-based website to a modern, cloud-hosted HTML5 application with a cloud-hosted database. This move has helped improve the security of their platforms and prevent similar incidents from occurring in the future.

Third-Party Data Breach Impacts Idaho Colleges

In another unfortunate incident, seven colleges and universities in Idaho have fallen victim to a data breach caused by a third-party software vulnerability. The breach affected schools such as Boise State University, the University of Idaho, and Idaho State University, among others. The compromised data include personal details such as first and last names, dates of birth, addresses, and Social Security numbers.

Both the National Student Clearinghouse and the Teachers Insurance and Annuity Association of America (TIAA), which are third-party software providers for the affected schools, were impacted by the breach as well. This breach may be connected to the larger-scale hack of the popular MOVEit file transfer application, as TIAA has previously confirmed that its systems were affected in that attack. It is unfortunate that educational institutions are being targeted in these breaches, as they hold significant amounts of valuable data, including students’ personal information, finances, and research data.

MOVEit Vulnerability Results in Exposure of Retirement Plan Data

Pension Benefits Information LLC, a prominent provider of research services to the pension, insurance, and financial industries in the US, recently discovered a breach of its file transfer application. The vulnerability in MOVEit, the file transfer system, allowed unauthorized access to retirement plan data. The Tennessee Consolidated Retirement System also suffered a breach in the same incident, impacting approximately 172,000 retirees in Tennessee.

The compromised data in this breach include sensitive information such as names, Social Security numbers, dates of birth, and mailing addresses. Upon learning about the vulnerability, Pension Benefits Information took immediate action to patch its servers, launch an investigation, assess the security of its systems, and notify affected customers and associated individuals.

Colorado State University Experiences Data Breach Through MOVEit Exploitation

Colorado State University (CSU) recently reported a data breach resulting from the exploitation of MOVEit vulnerabilities in third-party vendors. Several organizations that partner with CSU, including TIAA, National Student Clearinghouse, Corebridge Financial, Genworth Financial, Sunlife, and The Hartford, disclosed that they were impacted by the global MOVEit attack. This breach potentially includes data for current and former CSU employees and students dating back to at least 2021.

Avishai Avivi, the Chief Information Security Officer at SafeBreach, highlighted the concerning trend of universities becoming victims of MOVEit vulnerability exploitation. He emphasized that the Clop ransomware group responsible for the attacks is financially motivated and does not discriminate when it comes to its targets. Avivi also noted that organizations should exercise caution when transferring data through third-party vendors, maintain up-to-date software patching, and stay informed about the latest vulnerabilities and cybersecurity alerts.

The Importance of Managing Third-Party Risks

This series of data breaches underscores the importance of managing third-party risks effectively. Organizations must exercise caution and implement the necessary security measures when handling sensitive data through third-party vendors. It is crucial to continuously test and audit for security gaps, apply critical secure-by-design principles, and keep software patching up to date.

James McQuiggan, a Security Awareness Advocate at KnowBe4, stressed the significance of managing cyber risks across vendors and the supply chain. He recommended a proactive and holistic approach to vendor risk management, which includes thorough vetting, contractual security requirements, a strong security culture, multi-factor authentication, and network segmentation. Universities, in particular, should prioritize cybersecurity measures due to the significant amount of valuable data they possess, making them attractive targets for cybercriminals.

Additionally, it is vital for organizations to remain vigilant, monitor credit information, and be cautious of targeted phishing attempts following a data breach. Continuous cybersecurity education and awareness are essential in combating cyber threats and protecting sensitive data.
