• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
cyberattackers cook up employee personal data heist for meyer

Cyberattackers Cook Up Employee Personal Data Heist for Meyer

You are here: Home / Latest Cyber Security Vulnerabilities / Cyberattackers Cook Up Employee Personal Data Heist for Meyer
February 22, 2022

The Conti gang breached the cookware giant’s network, prepping countless numbers of employees’ individual details for consumption by cybercrooks.

Meyer Corp., maker of Farberware and the premier cookware and bakeware distributor in the U.S., has begun notifying 2,747 workers that a cyberattack that occurred on Oct. 25 compromised their own information.

Meyer submitted a notice with the point out of Maine disclosing the breach, which it found out on Dec. 1. And even though the report provided to the Maine Legal professional Common doesn’t specially name the offender at the rear of the attack, the Conti ransomware group experienced now announced on its leak web-site on Nov. 7 it was in possession of the employee knowledge information, according to a report this week on the cyberattack.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Click to Sign up for Free

Meyer, centered in Vallejo, Calif., was storing in depth information on its employees, including names, Social-Security figures, driver’s-license quantities and far more, together with their name or other own identifier. Other data which could now possibly be in the palms of the Conti ransomware operators contain drug screening results, immigration information and facts and health and fitness and medical info.

The firm did not reveal several extra details of the strike, but it’s worthy of noting that Meyer is just one of many corporations breached by Conti’s prolific ransomware functions.

Conti’s Prolific Ransomware Functions

“Ransomware teams such as Conti have been a thorn in the aspect of businesses from almost all industries and about the entire world,” Erich Kron, security recognition advocate for KnowBe4, instructed Threatpost. “Attacks these as this one particular by the Conti group are typically a ransomware type of attack that initially steals the data, then encrypts it and holds the decryption essential ransom.”

But even if the organization pays the demanded ransom, its workforce, partners and shoppers remain vulnerable to subsequent shakedowns.

“In addition, the groups commonly threaten the victim corporation with exposure of the stolen details, which can consist of shoppers, employees, economical details or mental residence, among the other matters, if they do not fork out,” Kron said.

Just this thirty day period, KP Snacks, a U.K.-based food items huge, was strike by Conti ransomware, creating delays in deliveries across the region.

Holding Conti Out of Your Cloud

Holding this sort of sensitive knowledge saved in the cloud is a common follow, but leaves organizations vulnerable to attack if not thoroughly secured, Amit Shaked, CEO of Laminar, explained in reaction to the Meyer breach.

“Data is no more time a commodity, it’s a currency — as this incident signifies. Facts inside an organization’s network is worthwhile to equally businesses and attackers,” Shaked reported by means of email. “This incident also reminds us that with a majority of the world’s facts residing in the cloud, it is essential that security will become information-centric and solutions grow to be cloud-indigenous.”

Complete integration with the cloud is also critical, Shaked included.

“Solutions will need to be totally integrated with the cloud in get to discover likely risks and have a deeper understanding of exactly where the info reside,” he reported. “Using the dual technique of visibility and safety, info security groups can know for certain which knowledge outlets are worthwhile targets and make certain suitable controls, which permits for quicker discovery of any information leakage.”

Keeping ahead of innovative teams like Conti ransomware operators requires a crystal clear, risk-based mostly method, Aaron Sandeen, CEO and co-founder, Cyber Security Will work included.

“Ideally, businesses must seek out out around serious-time vulnerability platforms that can centralize risk facts and determine, look into and rank vulnerabilities centered on weaponization – a more productive tactic than waiting around for experiences to be formalized, interpreted and delegated,” Shaked advised.

But past complex answers, Kron added robust security training for staff will also aid preserve cyberattackers, like Conti, at bay.

Because teams this sort of as Conti and other bad actors use email phishing as a best approach of getting initial network access, it has never ever been extra critical to foster a sturdy, very good, security culture by means of security consciousness schooling and standard simulated attacks.”

Be a part of Threatpost on Wed. Feb 23 at 2 PM ET for a LIVE roundtable discussion, “The Secret to Retaining Strategies,” sponsored by Keeper Security, will target on how to locate and lock down your organization’s most delicate info. Zane Bond with Keeper Security will be part of Threatpost’s Becky Bracken to present concrete techniques to defend your organization’s critical details in the cloud, in transit and in storage. REGISTER NOW and make sure you Tweet us your thoughts forward of time @Threatpost so they can be

 

 

 


Some elements of this post are sourced from:
threatpost.com

Previous Post: «Cyber Security News Sea Mar Accused of Negligence Over Data Breach
Next Post: Gaming, Banking Trojans Dominate Mobile Malware Scene gaming, banking trojans dominate mobile malware scene»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.