Exploit: Third-Party Breach (Ransomware)
The Regional Municipality of Durham: Regional Government Services Entity
Risk to Business: 1.741 = Severe
The Regional Municipality of Durham, which provides regional services to eight local municipalities north of Lake Ontario, announced in an email that it “recently became aware of a cybersecurity incident that occurred with a third-party software provider which impacted the region.” That incident was through data services provider Accellion, breached several weeks ago by the Clop ransomware gang in an incident that continues to ripple into other organizations. The content of the leaked data is unclear but appear to be administrative records.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This kind of data will be a windfall for the gang in today’s booming dark web data markets, but the Accellion breach will also continue to be a nightmare for impacted organizations.