Hack Alert: Tennessee Consolidated Retirement System Breached by Clop Ransomware Gang

Scalable Business Technologies and No Phish Left Behind are not affiliated with nor do we condone illegal and harmful activities. As part of our ongoing efforts to educate the general community and encourage consumer privacy, cyberawareness, and safe browsing, we do occasionally report on larger security breaches strictly to raise awareness and emphasize the importance of cybersecurity training. 

Clop, one of the most dangerous cybercriminal outfits, allegedly victimized the Tennessee Consolidated Retirement System (TCRS) last month by exploiting a vulnerability in the MOVEit file transfer tool. This breach affected nearly 200,000 Tennesseans by jeapordizing the integrity of their personal information and data. TCRS confirmed that the incident resulted in the breach of:

• Names
• Social Security numbers
• Addresses
• Dates of birth

If you, or anyone you know, has done business with TCRS, we strongly recommend you reset all passwords and double-check all credit bureaus, credit cards, and bank accounts for any fraudulent activity. If you need any additional personal help with scam/breach response, please subscribe to Scalable's residential scam assistance service for $16/mo and access to our 24/7 help line.

If your business has suffered a ransomware attack, follow this CISA ransomware response checklist and contact us for further assistance.

Cybersecurity is conceptually a lot like physical security: We can install all the locks and gates in the world, but if the security guard falls asleep with the door unlocked, anyone can get in. Similarly, if headquarters is fully protected, but staff are allowed to access sensitive data, applications, and passwords from less secure personal devices, the system cracks.

The defensive systems need to be coupled with a culture of security and awareness in order to really be effective.

Here are some steps business owners and leaders can take within your own organizations to significantly reduce the likelihood of a breach:

1. Ensure sensitive data and systems are adequately firewalled and only accessible by authorized personnel, systems, and vendors.
2. Ensure the use of multi-factor authentication for all critical systems.
3. Employ the Principle of Least Privilege.
4. Require complex passwords with regular expiration dates - vendor passwords and accesses included.
5. Ensure remote staff are properly trained on systems access and cybersecurity best practices.
6. Provide your people with continuing cybersecurity education, especially as technology continues to rapidly evolve.
7. Secure all wireless networks.
8. Create and maintain a culture of security.
9. Ensure all systems are fully patched and protected with a managed antivirus solution.

As always, please contact Scalable Business Technologies at any time for immediate assistance.