Skip to content

Recent Data Breaches You Should Know About - December 2019

Each year, hundreds of Canadian businesses and institutions suffer at the hands of cybercriminals. Here are just a few of Canada’s most significant cyberattacks for the month of December. 

Canadian Cyber Security Breaches

Malware Attack Compromises Ontario Catholic School District 

The Waterloo Catholic School District was forced to hire an expert IT security firm after a ransomware attack compromised the institution’s network functionality. As a result, the school district was unable to provide adequate services for Waterloo students for well over a week. 

Socially Engineered Cyber Attack Costs Local Brewery Millions  

Yet another cyber attack on the City of Waterloo, cybercriminals were able to dupe a local brewery out of millions of dollars following a calculated social engineering attack. A few fraudulent invoices and a little acting were all it took to convince an employee to pay over 2 million dollars in wire transfers. While the brewery is attempting to recover the funds, the outlook doesn’t look too promising. 

Customer Data Held Ransom in Vicious LifeLabs Attack 

A severe ransomware attack on LifeLabs (a leading provider of Canadian laboratory diagnostics and testing services) had the company handing over an undisclosed amount of cash. After breaching the organization’s IT infrastructure, the attackers were able to steal the personal data of millions of customers – for which they were (successfully) able to claim a large ransom. While the company claims all data has been returned, customers are encouraged to keep an eye on their user accounts. 

Ransomware Renders Hundreds of Company Computers Unusable 

Andrew Agencies, an insurance and financial services provider based out of Manitoba, also fell victim to a recent ransomware attack – rendering hundreds of company computers across three Canadian provinces virtually unusable. Known as Maze Ransomware, this particular form of malware allowed the attackers to encrypt approximately 63 terabytes of company data. To date, the company has declined the criminals’ demands for payment, and no customers have been impacted by the breach.

Communications Giant Falls Victim to Data Breach

When it comes to cybercrime, no business is safe – not even a multi-million dollar media giant like Shaw Communications. Several Calgary-based customers were told to change their account passwords and set up two-step verification after an employee device was stolen. According to Shaw, the laptop contained customer information such as names, account numbers and other account details – but did not include any financial or personal information. 

Plenty of Fish Breach Raises Safety Concerns 

Online dating service Plenty of Fish has come under fire after a privacy breach exposed users’ hidden data. Information such as names, postal codes and other details became openly visible on the site’s mobile app – posing a potential safety risk for customers. While the issue was quickly taken care of by site developers, affected users are encouraged to proceed with caution. 

Other News for December:

New Variant of Ransomware Targets Canadian Healthcare and IT Companies

Zeppelin is a new form of ransomware cropping up in Canada, the US an

d Europe. Geared towards healthcare organizations and IT companies, Zeppelin uses MSPs to infiltrate company management software. The attackers are said to be deploying this new form of malware through publicly exposed remote desktop servers, resulting in potentially devastating consequences for unsuspecting businesses.  

Other Breaches:

TWIB Social 12.30.19

Below are other notable, global cyber security breaches for December:

 

Name of the Organization

Type of Exploitation

Type of Company

Location

DeBella’s Subs

Malware Attack 

Restaurant Chain

US

Great Plains Health

Ransomware 

Hospital

North Platte, NE, US

Magellan RX Management

Phishing Scam 

Pharmacy Benefit Manager

US

Datrix

Phishing Attack

Network and Cloud Solutions Provider

UK

Vistaprint

Exposed Database

Marketing Product Provider

Netherlands

Prosegur

Ransomware

Cash Logistics and Private Security Company

Spain

Rooster Teeth Productions

Malware Attack

Entertainment Production Company

US

Conway Medical Centre

Phishing Attack

Healthcare Provider

Conway, SC, US

Central Square Technologies

Malware Attack

Technology Services Provider

Marietta, GA, US

Nexus Mods

Unauthorized Database Access

Game Modification Website

US

Missoma

Malware Attack

Jewelry Retailer

UK

Justus Liebig University

Ransomware

University

Germany

The Heritage Company

Ransomware

Telemarketing Firm

US

Ring

Accidental Data Sharing

Video Doorbell and Security Camera Manufacturer

US

Center For Healthcare Services

Ransomware

Healthcare Provider

San Antonio, TX, US

PayPal

Phishing Attack

Online Payment Platform

US

Frankfurt

Malware

Municipality

Germany

Primus Realty

Accidental Data Sharing

Real Estate Service Provider

Australia

 

Protect your business with the help of a qualified Managed IT Services Provider. At GAM Tech, we specialize in delivering affordable, responsive, reliable, accountable service to small and medium-sized organizations just like you.  

Book your Consultation today!