Ransomware gang Black Basta has released private data allegedly stolen from the Raleigh Housing Authority (RHA) in North Carolina, according to reports. The RHA suffered a cyberattack in May which disrupted its services for weeks. Cybersecurity expert Dominic Alvieri claims that the stolen data, including Social Security cards, passports and financial documents, have appeared online. The RHA has not directly confirmed or denied the publication of the data, but RHA CEO Ashley Lommers-Johnson stated that state and federal authorities had been notified and an investigation was underway with the help of the National Guard cyber security team.
According to James McQuiggan, Security Awareness Advocate at KnowBe4, this attack highlights the cybersecurity challenges faced by government organizations that are responsible for collecting and retaining personal information. He emphasized the need for increased resources to strengthen cybersecurity defenses and protect personally identifiable information (PII). McQuiggan also stressed the importance of ongoing cybersecurity training and awareness for all employees, along with the implementation of technologies like multi-factor authentication and strong passwords, to detect and prevent future attacks.
In a separate incident, New York City’s Department of Finance (DOF) accidentally exposed sensitive data of its employees during an emergency notification test. The department inadvertently emailed a roster containing employee home addresses, cell numbers, and personal email addresses to all its staff. The roster was accompanied by automated test calls that were sent out before dawn. An employee, speaking on condition of anonymity, expressed concerns about the potential misuse of their personal information. Associate Commissioner for Workforce Management Corinne Dickey confirmed that an investigation was taking place, and the city’s Office of Technology & Innovation and Cyber Command had been informed of the incident.
Jadee Hanson, CISO and CIO of Code42, described the incident as an insider risk incident, emphasizing the need for organizations to invest in insider risk management strategies and technology. With the increased prevalence of remote work and collaboration tools, insider risks have become more significant. Hanson highlighted the importance of having visibility of file movements and a rapid response in mitigating the impact of insider risk incidents.
Tesla has started notifying over 75,000 individuals who were affected by a data breach that occurred in May. The breach exposed confidential data belonging to Tesla employees and customers. The company has filed a lawsuit against two former employees who allegedly misappropriated the information in violation of Tesla’s IT security and data protection policies. The stolen data, dubbed the “Tesla files,” included employees’ names, contact information, and thousands of customer complaints. Tesla has yet to comment on the breach but has seized the devices that contained the stolen data.
Dor Fledel, co-founder and CEO of Spera, highlighted the challenge organizations face in enforcing least-privilege policies, which limit access to sensitive information. Fledel emphasized the importance of granting access based on security considerations rather than productivity concerns. He suggested that organizations should adopt centralized identity-focused security to manage permissions effectively. Another lesson from the breach is the importance of revoking access when employees leave a company. Lior Yaari, CEO and co-founder of Grip Security, noted that it is common for former employees to retain access to systems after leaving a company, highlighting the need for better data governance and system access controls.
Dror Liwer, co-founder of cybersecurity company Coro, acknowledged the difficulty of protecting against malicious insiders. While this breach involved deliberate malicious intent, Liwer noted that unintentional exposure of data by co-workers can also occur. Organizations should implement clear guidelines on access privileges and data retention to mitigate this risk. Liat Hayun, CEO of Eureka Security, urged organizations to prioritize security measures and enforce data protection policies to prevent insider risks.
These incidents underscore the ongoing challenges faced by organizations in protecting sensitive data and mitigating cyber threats. Cybersecurity measures, training, and awareness are critical for preventing breaches and maintaining public trust in government and corporate entities.