Scalable Business Technologies and No Phish Left Behind are not affiliated with nor do we condone illegal and harmful activities. As part of our ongoing efforts to educate the general community and encourage consumer privacy, cyberawareness, and safe browsing, we do occasionally report on larger security breaches strictly to raise awareness and emphasize the importance of cybersecurity training. After reporting on the alleged breach of Chattanooga State Community College by ransomware group Snatch, we discovered several more alleged breaches currently underway.
ALPHV, one of the most dangerous cybercriminal outfits, allegedly victimized four companies today:
- The Middleton Group, a poultry equipment manufacturer based in Missouri
- Highland Homes, a Texas homebuilder
- Valley Women's Health of Utah
- Voxx Electronics of Florida
If the breach allegations are true, many terabytes of confidential and highly sensitive data have been stolen and will soon be available for purchase on the dark web.
If you, or anyone you know, has done business with the above companies, we strongly recommend you reset all passwords and double-check all credit bureaus, credit cards, and bank accounts for any fraudulent activity. If you need any additional personal help with scam/breach response, please subscribe to Scalable's residential cybersecurity service for access to our 24/7 help line.
If your business has suffered a ransomware attack, follow this CISA ransomware response checklist and contact us for further assistance.
Cybersecurity is conceptually a lot like physical security: We can install all the locks and gates in the world, but if the security guard falls asleep with the door unlocked, anyone can get in. Similarly, if headquarters is fully protected, but staff are allowed to access sensitive data, applications, and passwords from less secure personal devices, the system cracks.
The defensive systems need to be coupled with a culture of security and awareness in order to really be effective.
Here are some steps business owners and leaders can take within your own organizations to significantly reduce the likelihood of a breach:
- Ensure sensitive data and systems are adequately firewalled and only accessible by authorized personnel, systems, and vendors.
- Ensure the use of multi-factor authentication for all critical systems.
- Employ the Principle of Least Privilege.
- Require complex passwords with regular expiration dates - vendor passwords and accesses included.
- Ensure remote staff are properly trained on systems access and cybersecurity best practices.
- Provide your people with continuing cybersecurity education, especially as technology continues to rapidly evolve.
- Create and maintain a culture of security.
- Ensure all systems are fully patched and protected with a managed antivirus solution.