Keeper is cost-effective and easy to deploy – and the industry is taking notice. Keeper Security’s zero-trust Privileged Access Management (PAM) solution, KeeperPAM®, has again been
2024 has been quite the year for malware attacks. So far this year, major companies like Change Healthcare, Ticketmaster, Ascension Hospital, ABN AMRO and CDK Global have all been affected by malware attacks.
Keep reading to learn more about each of these major malware attacks and how your company can protect itself from malware attacks.
Change Healthcare
On February 21, 2024, a Russian cybercriminal group called BlackCat removed over six terabytes of data during a malware attack on Change Healthcare. For those unfamiliar with Change Healthcare, it is one of the biggest payment processing companies in the healthcare industry worldwide. This malware attack caused an extensive amount of American medical claims to get backlogged, leaving medical offices, pharmacies and hospitals with significant financial problems and patients unable to access medical care. Change Healthcare is a subsidiary of UnitedHealth Group, and as a result of the malware attack, UnitedHealth Group paid a $22 million ransom. Following this cyber attack, Change Healthcare announced that sensitive patient data was compromised, including medical diagnoses and test results.
Based on a hearing after this malware attack, it was found that one of the reasons why Change Healthcare’s data was exposed is that UnitedHealth Group did not enable Multi-Factor Authentication (MFA) on one of Change Healthcare servers. Change Healthcare believes approximately 33% of Americans had sensitive medical data leaked on the dark web due to the malware attack. Change Healthcare advises anyone affected by this malware attack to visit their support page or call (866) 262-5342 for more information.
Ticketmaster
One of the most talked-about malware attacks occurred on April 2, 2024, to Ticketmaster, a ticket sales company for concerts, sporting games and other events. A hacking group called ShinyHunters took responsibility for taking the data of over 500 million Ticketmaster customers, including phone numbers, email addresses, credit card numbers and tickets to events. ShinyHunters asked for $500,000 as a ransom payment instead of selling the data on the dark web. Even though customer passwords were not reported to be part of the data breach, many Ticketmaster customers took action and changed their passwords to better protect their Ticketmaster accounts.
Ticketmaster’s parent company, Live Nation, launched an investigation and found unauthorized activity within one of their third-party cloud databases. Ticketmaster notified customers who were affected by the malware attack and advised them to monitor activity on bank accounts – even offering customers a free 12-month credit for an identity monitoring service.
Ascension Hospital
Unusual activity was detected on Ascension’s networks on May 8, 2024, due to a ransomware attack. Black Basta, a cybercriminal group, was involved in this attack on the Catholic health system with almost 150 hospitals in over 10 states. As a result, doctors, nurses and healthcare providers were locked out of medical systems that keep track of appointments, health records, medical prescriptions, procedures and more. This malware attack compromised private patient data, and many clinicians nationwide experienced lost lab results, errors in medication dosage and inability to take in emergency cases for over a month. Medical professionals were forced to use Google Docs and text threads to track medication and document important updates about patients. By June 14, 2024, Ascension announced that it had restored access to its Electronic Health Records (EHRs), but patient data would be temporarily unavailable until the company’s portals were updated with correct information.
ABN AMRO
On May 29, 2024, ABN AMRO, one of the largest Dutch banks, suffered a data breach after its third-party service provider, AddComm, was the victim of a ransomware attack. In this attack, unauthorized users accessed the data of many ABN AMRO clients, even though the bank’s systems were not directly affected. There has been no confirmation about what kinds of data were sold on the dark web, as experts are still investigating this cybercrime.
ABN AMRO has been contacting clients whose data was affected by the AddComm ransomware attack, even though there hasn’t been any evidence that unauthorized users have used ABN AMRO’s clients’ data. Although it is not confirmed if all of its customers were affected, ABN AMRO has over five million clients in retail, corporate and banking sectors who could have been victims of this data breach. ABN AMRO has stopped using AddComm’s services as a result of this attack.
CDK Global
North American car dealerships were impacted by a major malware attack on CDK Global on June 18, 2024. CDK Global provides software to thousands of car dealerships in North America that allows dealerships to manage their sales, finances, inventory and more. Over 10,000 car dealerships in the United States were targeted by BlackSuit, a cybercriminal group that stole customers’ private information. The kinds of information stolen in this attack included Social Security numbers, bank account numbers, home addresses, credit card information and phone numbers.
As a result of this attack, many dealerships were left to struggle without their digital systems, even reverting back to using pen and paper to conduct business operations. One week after the initial attack, CDK Global told its clients that it would be shutting down temporarily while it recovered from the malware attack. It began restoring car dealerships’ systems in phases at the start of July.
Protect your company from malware attacks
Although malware attacks can seem random, there are several ways you can keep your company safe from falling victim to them:
- Use zero-trust security and zero-knowledge encryption to protect customer data
- Enforce Role-Based Access Controls (RBAC) to limit your employees’ amount of access
- Educate employees about signs of social engineering scams
- Secure employees’ passwords with a business password manager and require them to use MFA
- Invest in dark web monitoring, which will notify you immediately if an employee’s login credentials are found on the dark web
You can ensure the safety of your employees and company by relying on Keeper®. Start your free 14-day trial of Keeper Business today to help your employees create strong passwords and store them in secure, digital vaults.