The Conti gang breached the cookware giant’s network, prepping thousands of employees’ personal details for consumption by cybercrooks.
Meyer Corp., maker of Farberware and the premier cookware and bakeware distributor in the U.S., has begun notifying 2,747 employees that a cyberattack that occurred on Oct. 25 compromised their personal information.
Meyer filed a notice with the state of Maine disclosing the breach, which it discovered on Dec. 1. And although the report provided to the Maine Attorney General doesn’t specifically name the culprit behind the attack, the Conti ransomware group had already announced on its leak site on Nov. 7 that it was in possession of the employee data, according to a report this week on the cyberattack.
Meyer, based in Vallejo, Calif., was storing detailed information on its employees, including names, Social Security numbers, driver’s-license numbers and more, along with their name or other personal identifier. Other data that could now potentially be in the hands of the Conti ransomware operators includes drug screening results, immigration information, and health and medical information.
The company did not reveal many more details of the attack, but it’s worth noting that Meyer is just one of many companies breached by Conti’s prolific ransomware operations.
Conti’s Prolific Ransomware Operations
“Ransomware groups such as Conti have been a thorn in the side of organizations from almost all industries and around the world,” Erich Kron, security awareness advocate for KnowBe4, told Threatpost. “Attacks such as this one by the Conti group are typically a ransomware type of attack that first steals the data, then encrypts it and holds the decryption key ransom.”
But even if the organization pays the demanded ransom, its employees, partners and customers remain vulnerable to subsequent shakedowns.
“In addition, the groups commonly threaten the victim organization with exposure of the stolen data, which can include customers, employees, financial information or intellectual property, among other things, if they do not pay,” Kron said.
Just this month, KP Snacks, a U.K.-based food giant, was hit by Conti ransomware, causing delays in deliveries across the country.
Keeping Conti Out of Your Cloud
Keeping this kind of sensitive data stored in the cloud is a common practice, but leaves organizations vulnerable to attack if not properly secured, Amit Shaked, CEO of Laminar, said in response to the Meyer breach.
“Data is no longer a commodity, it’s a currency — as this incident represents. Information within an organization’s network is valuable to both businesses and attackers,” Shaked said via email. “This incident also reminds us that with a majority of the world’s data residing in the cloud, it is imperative that security becomes data-centric and solutions become cloud-native.”
Complete integration with the cloud is also important, Shaked added.
“Solutions need to be completely integrated with the cloud in order to identify potential risks and have a deeper understanding of where the data reside,” he said. “Using the dual approach of visibility and protection, data protection teams can know for certain which data stores are valuable targets and ensure proper controls, which allows for quicker discovery of any data leakage.”
Staying ahead of sophisticated groups like Conti ransomware operators requires a clear, risk-based approach, Aaron Sandeen, CEO and co-founder, Cyber Security Works added.
“Ideally, organizations should seek out near real-time vulnerability platforms that can centralize threat data and identify, investigate and rank vulnerabilities based on weaponization – a more efficient approach than waiting for reports to be formalized, interpreted and delegated,” Shaked advised.
But beyond technical solutions, Kron added, robust security training for employees will also help keep cyberattackers, like Conti, at bay.
“Because groups such as Conti and other bad actors use email phishing as a top method of gaining initial network access, it has never been more important to foster a strong, good security culture through security awareness training and regular simulated attacks.”