Cyberweek of April 19, 2024: 11 attacks in 7 countries, United States on the front line

Cyberweek of April 19, 2024: 11 attacks in 7 countries, United States on the front line
Cyberweek of April 19, 2024: 11 attacks in 7 countries, United States on the front line

Welcome to this week’s edition of Cyberhebdo, your press review dedicated to the hottest news in cybersecurity. As the digital world continues to weave its complex and omnipresent web, cyberattacks remain a constant threat to individuals, businesses and governments across the globe.

This week we have recorded no less than 11 major incidents, reflecting a diversity of tactics and targets, which have been reported in the media in several countries, including Sweden (SWE), Italy (ITA), Belgium ( BEL), the Dominican Republic (DOM), France (FRA) and Chile (CHL).

We remind you that our press review focuses on significant cyberattacks and does not cover DDoS attacks or website defacements.

04/14/2024 – The Ministry of Health of the Dominican Republic. (DOM)
Last Monday, the Dominican Republic’s Ministry of Health confirmed a digital attack that led to the theft of 8,000 Covid-19 vaccination records. These files, containing patients’ personal information, could be sold on the DarkWeb for a small fee, according to experts. The police investigation seeks to identify the hackers, although their use of the DarkWeb complicates their traceability, highlighting the challenges of cybersecurity in the face of such attacks. (Source)

04/14/2024 – Frontier Communications (USA)
Frontier Communications, a US telecommunications provider, was the victim of a cyberattack by a group of cybercriminals that resulted in unauthorized access to personally identifiable data (PII) and partial shutdown of some systems to contain the threat. The company has since restored its affected core IT systems and is working to restore normal business operations, while notifying authorities and hiring cybersecurity experts. Despite Frontier’s assurances, customers have reported internet connection issues and difficulty contacting support by phone. (Source)

04/14/2024 – More Services (CHL)
A ransomware cyberattack affected some servers of the Plus Servicios organization’s technological infrastructure, causing a partial interruption of their online services on Sunday, April 14, 2024. Measures were taken to quickly restore operational continuity and conduct an investigation forensics in order to identify the origin of the attack and apply the necessary fixes. Cybersecurity experts are being consulted to restore services and applications as quickly as possible, and updates will be provided on the status of future services. If there are any questions or concerns, the team remains available for assistance. (Source)

04/15/2024 – Octapharma Plasma (USA)
Octapharma Plasma, a medical company operating more than 150 blood plasma donation centers in the United States, has closed its facilities due to network issues attributed to a BlackSuit ransomware infection. This cyberattack could affect Octapharma’s plasma supply in Europe, as more than 75% of their plasma comes from the United States. The FBI was alerted to the incident, which is part of a growing trend of targeting healthcare organizations by cybercriminals using extortion tactics. (Source)

04/15/2024 – The French Brief (ENG)
Le Slip Français, a company specializing in the sale of underwear, was the victim of a cyberattack on April 15, resulting in the theft of some of its customers’ personal data, but without compromising passwords or credit card data. payment. The company responded by forming a crisis unit with cybersecurity experts to contain the attack and monitor possible fraud. A complaint was filed and a report was made to the CNIL, although the scale of the attack remains to be determined, and the company informed its customers, including those unsubscribed, in a preventive manner. (Source)

04/16/2024 – Vooruit.brussels (BEL)
Hackers carried out a cyberattack on the Vooruit.brussels server, stealing personal data such as members’ names, addresses and telephone numbers, with a ransom demand of 800 euros. Suzy Bleys, co-president of Vooruit.brussels, reported the incident after the site became inaccessible and the criminal gang contacted them asking for money in Bitcoin. Authorities have been informed and an investigation into the data breach is underway to determine the extent of the compromised information. (Source)

04/16/2024 – Norrmjerier (SWE)
On Tuesday morning, a cyberattack was discovered against Norrmjerier in Umeå. Operations had to be stopped and crisis management activated. (Source)

04/16/2024 – Simone Veil Hospital in Cannes (ENG)
The Simone Veil hospital in Cannes has suffered a computer “blackout” since Tuesday April 16, leading to the cancellation of interventions and appointments, suspected of being due to a cyberattack, although the hospital mentions officially a “technical incident in progress”. A crisis unit was activated in collaboration with various regional organizations to manage the situation. As a result, all non-urgent activities and consultations are postponed until the computer system is restored. (Source)

04/17/2024 – Glynn County Schools (USA)
A cyberattack on Glynn County Schools’ IT infrastructure Wednesday knocked out internet connections throughout the system, causing an outage that persisted Thursday and is expected to last through Friday. No sensitive information would have been compromised according to a school official. The school’s IT team and a third-party monitoring program detected suspicious activity on the network, which resulted in the Internet being shut down to prevent intrusion. (Source)

04/17/2024 – Legislative Bill Drafting Commission (USA)
A cyberattack targeted the New York State Bill Drafting Commission, disrupting the drafting and publication of bills for the FY 2025 spending plan and causing a delay in passage of the state budget. Details of the attack, such as its origin, the data compromised and the extent of the damage, remained unclear, but efforts were underway to find temporary solutions and prevent significant delays in the budget process. (Source)

04/18/2024 – Synlab (ITA)
Synlab, a medical services provider also operating in Brescia, was targeted by a cyberattack that affected its IT systems throughout Italy, forcing the company to deactivate all of its IT systems in the country. As a result, all activities at sampling points, medical centers and laboratories in Italy are suspended until further notice, including the uploading and collection of medical reports. Synlab apologizes for the inconvenience caused and will inform its customers and patients of the evolution of the situation via its social networks, without being able to specify when operations will be able to resume. (Source)

Press review produced in part with ChatGPT. The explanations can be read here.

-

-

NEXT Apple’s 7 tips for properly charging your iPhone