Each year, hundreds of Canadian businesses and institutions suffer at the hands of cybercriminals. Here are just a few of Canada’s most significant cyberattacks for the month of December.
Canadian Cyber Security Breaches
Malware Attack Compromises Ontario Catholic School District
The Waterloo Catholic School District was forced to hire an expert IT security firm after a ransomware attack compromised the institution’s network functionality. As a result, the school district was unable to provide adequate services for Waterloo students for well over a week.
Socially Engineered Cyber Attack Costs Local Brewery Millions
Yet another cyber attack on the City of Waterloo, cybercriminals were able to dupe a local brewery out of millions of dollars following a calculated social engineering attack. A few fraudulent invoices and a little acting were all it took to convince an employee to pay over 2 million dollars in wire transfers. While the brewery is attempting to recover the funds, the outlook doesn’t look too promising.
Customer Data Held Ransom in Vicious LifeLabs Attack
A severe ransomware attack on LifeLabs (a leading provider of Canadian laboratory diagnostics and testing services) had the company handing over an undisclosed amount of cash. After breaching the organization’s IT infrastructure, the attackers were able to steal the personal data of millions of customers – for which they were (successfully) able to claim a large ransom. While the company claims all data has been returned, customers are encouraged to keep an eye on their user accounts.
Ransomware Renders Hundreds of Company Computers Unusable
Andrew Agencies, an insurance and financial services provider based out of Manitoba, also fell victim to a recent ransomware attack – rendering hundreds of company computers across three Canadian provinces virtually unusable. Known as Maze Ransomware, this particular form of malware allowed the attackers to encrypt approximately 63 terabytes of company data. To date, the company has declined the criminals’ demands for payment, and no customers have been impacted by the breach.
Communications Giant Falls Victim to Data Breach
When it comes to cybercrime, no business is safe – not even a multi-million dollar media giant like Shaw Communications. Several Calgary-based customers were told to change their account passwords and set up two-step verification after an employee device was stolen. According to Shaw, the laptop contained customer information such as names, account numbers and other account details – but did not include any financial or personal information.
Plenty of Fish Breach Raises Safety Concerns
Online dating service Plenty of Fish has come under fire after a privacy breach exposed users’ hidden data. Information such as names, postal codes and other details became openly visible on the site’s mobile app – posing a potential safety risk for customers. While the issue was quickly taken care of by site developers, affected users are encouraged to proceed with caution.
Other News for December:
New Variant of Ransomware Targets Canadian Healthcare and IT Companies
Zeppelin is a new form of ransomware cropping up in Canada, the US an
d Europe. Geared towards healthcare organizations and IT companies, Zeppelin uses MSPs to infiltrate company management software. The attackers are said to be deploying this new form of malware through publicly exposed remote desktop servers, resulting in potentially devastating consequences for unsuspecting businesses.
Other Breaches:
Below are other notable, global cyber security breaches for December:
|
Name of the Organization |
Type of Exploitation |
Type of Company |
Location |
|
DeBella’s Subs |
Malware Attack |
Restaurant Chain |
US |
|
Great Plains Health |
Ransomware |
Hospital |
North Platte, NE, US |
|
Magellan RX Management |
Phishing Scam |
Pharmacy Benefit Manager |
US |
|
Datrix |
Phishing Attack |
Network and Cloud Solutions Provider |
UK |
|
Vistaprint |
Exposed Database |
Marketing Product Provider |
Netherlands |
|
Prosegur |
Ransomware |
Cash Logistics and Private Security Company |
Spain |
|
Rooster Teeth Productions |
Malware Attack |
Entertainment Production Company |
US |
|
Conway Medical Centre |
Phishing Attack |
Healthcare Provider |
Conway, SC, US |
|
Central Square Technologies |
Malware Attack |
Technology Services Provider |
Marietta, GA, US |
|
Nexus Mods |
Unauthorized Database Access |
Game Modification Website |
US |
|
Missoma |
Malware Attack |
Jewelry Retailer |
UK |
|
Justus Liebig University |
Ransomware |
University |
Germany |
|
The Heritage Company |
Ransomware |
Telemarketing Firm |
US |
|
Ring |
Accidental Data Sharing |
Video Doorbell and Security Camera Manufacturer |
US |
|
Center For Healthcare Services |
Ransomware |
Healthcare Provider |
San Antonio, TX, US |
|
PayPal |
Phishing Attack |
Online Payment Platform |
US |
|
Frankfurt |
Malware |
Municipality |
Germany |
|
Primus Realty |
Accidental Data Sharing |
Real Estate Service Provider |
Australia |
Protect your business with the help of a qualified Managed IT Services Provider. At GAM Tech, we specialize in delivering affordable, responsive, reliable, accountable service to small and medium-sized organizations just like you.
Book your Consultation today!