Cyber attacks and data breaches in review: July 2021

According to our figures, there were at least 86 publicly disclosed data breaches and cyber attacks in July 2021.

You can find the full list of incidents on our sister site, but as always, we delve into some of the notable breaches affecting European organisations here ­– including an incident that affected thousands of Spanish citizens, including King Felipe VI of Spain, and the consequences of the Kaseya ransomware attack across Europe.

Madrid health system data breach exposes COVID-19 data

Spain’s Ministry of Health blamed a coding error after 100,000 people were involved in a data breach.

The incident compromised people’s COVID-19 vaccination data in addition to their ID numbers, telephone numbers, social security numbers and home address.

Telemadrid reported that King Filipe VI and Prime Minister Pedro Sánchez were among those affected.

The health ministry confirmed that that the issue began with a software vulnerability used by the Community of Madrid to record COVID-19 vaccinations.

A spokesperson said that the error was a result of an update that “passed test protocols but generated a gap when it was launched”.

They added that they were able to detect the vulnerability, and downplayed the severity of the breach.

“It is false that any citizen can enter the web pages of the Ministry of Health of the Community of Madrid to obtain the Covid certificate and that confidential information such as clinical data of the king, the president of the Government or other former presidents can be accessed,” they said.

However, Telemadrid reported that thousands of people’s personal data, including the king and the prime minister, were accessible for a short period of time.

Coop Sweden temporarily closes its stores after vendor breach

One of Sweden’s biggest supermarket chains was forced to temporarily close 500 of its stores in July due to a ransomware attack against one of its suppliers.

The incident is connected to the attack on the US-based software firm Kaseya, which is thought to have affected more than a thousand organisations worldwide.

Although Coop Sweden wasn’t directly compromised in the breach – nor does it use Kesaya – one of its software providers does.

In a statement, the company confirmed: “One of our subcontractors was hit by a digital attack, and that’s why our checkouts aren’t working any more.”

“We regret the situation and will do all we can to reopen swiftly,” the cooperative added.

Meanwhile, a spokesperson for the company said: “The whole paying system at our tills and our self-service checkouts stopped working so we need time to reboot the system.”

Coop Sweden didn’t reveal the subcontractor or any details about how it has been compromised. However, cyber security firm Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.

According to the firm, the Russia-linked REvil ransomware gang was responsible for the attack.

Data breach at CoronaCheck app reveals users’ sensitive data

We close this month’s review with another COVID-19 data breach. This time it was the coronavirus testing company Testcoronanu, which reportedly leaked 60,000 Dutch residents’ sensitive data.

RTL Nieuws reported that the leak made it possible for malicious actors to add fake negative coronavirus test results or proof of vaccination.

All you needed to do was enter two lines of code in the publicly accessible database, after which you would automatically receive a travel certificate from Testcoronanu.

In addition to this, users could alter the information of other people. “Anyone with an internet connection could simply adjust data in a corona database. You start to wonder: who else has abused this?”, director of the cybersecurity company ESET Netherlands, Dave Maasland said.

The site has since been shut down by the Dutch Ministry of Health, and people who had a COVID-19 test booked were forced to make an appointment with a different provider.

Do you have a plan for disaster

If you find yourself facing a cyber security disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process.

They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.