The Week in Breach: 12/04/19 - 12/10/19

United States - McLaren Health Plan 

Exploit: Phishing Scam
McLaren Health Plan: Health Maintenance Organization

A successful phishing attack on one of the company’s third-party vendors compromised patient data at McLaren Health Plan. The hackers used a compromised email account to send spam emails, putting patient data at risk. The exposure will inevitably lead to reputational damage, and the sensitive nature of the information breached will invite scrutiny from healthcare regulators along with the prospect of financial penalties.

United States - On The Border

Exploit: Malware Attack
On The Border: Casual Restaurant Chain

Hackers installed malware on the restaurant’s payment processing platform, which provided access to customers’ payment information from locations across 27 states. The attack occurred between April 10th and August 10th, and it did not include franchised restaurants or catering orders. Unfortunately, the breach wasn’t discovered until November 14th, giving hackers ample time to misuse customers’ personal information and financial data. Moreover, it’s unclear why the company waited several weeks to notify customers of the breach, a misstep that will certainly slow the recovery process.

United States - New Jersey Shakespeare Theater 

Exploit: Ransomware Attack
New Jersey Shakespeare Theater: Theater company dedicated to Shakespeare

A ransomware attack has disabled the company’s access to its ticketing system and patron database. The attack arrives as the company is scheduled to begin its holiday production, a significant draw for the theater. The first showing was cancelled while the company developed an alternative ticketing method. Fortunately, customer data was fully encrypted and not viewable by hackers, but the Shakespeare Theater also can’t access this information. In response, customers are being asked to bring confirmation emails or ticket stubs to the performance so that the show can go on.