Tag Archive for: Giant

Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack

/in


Japanese pharmaceutical giant Eisai this week announced that it has fallen victim to a ransomware attack that forced it to take certain systems offline.

Headquartered in Tokyo, the company has manufacturing facilities in Asia, Europe, and North America, and has subsidiaries on both American continents, in Asia-Pacific, Africa, and Europe. Last year, the company reported more than $5 billion in revenue.

The ransomware attack, the company says in an incident notification on its website, was identified on June 3, and resulted in the encryption of multiple servers.

Eisai says it immediately implemented its incident response plan, which involved taking systems offline to contain the attack, and launched an investigation.

“Eisai Group immediately established a company-wide task force, and is working on recovery efforts with the advice of external experts and undertaking measures to understand the scope of the incident. Additionally, Eisai Group has consulted with law enforcement,” the company announced.

The attack, Eisai says, impacted servers both in Japan and overseas, including logistics systems, which are yet to be restored. The company’s corporate websites and email systems remain operational.

Eisai says it has yet to determine whether any data was compromised or stolen during the attack.

Advertisement. Scroll to continue reading.

“Any potential impact of this incident on the consolidated earnings forecast of this fiscal year is currently under careful examination,” the company also said.

SecurityWeek is not aware of any ransomware gangs taking responsibility for this attack.

Eisai disclosed the incident roughly a week after health insurer Point32Health and biotechnology firm Enzo Biochem revealed that the personal information of millions of users was compromised in ransomware attacks.

Related: Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges

Related: Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack

Related: 3.3 Million Impacted by Ransomware Attack at California Healthcare Provider

Source…

Pharmaceutical Giant Eisai Hit by Ransomware Attack

/in



Eisai Co. headquarters in Tokyo

The Yomiuri Shimbun

12:36 JST, June 6, 2023

Pharmaceutical giant Eisai Co. said Tuesday that a number of its group servers have been hit by a ransomware attack, but to its knowledge, there have been no leaks of confidential material.

The company said it confirmed on late Saturday night that data on several servers had been encrypted in the attacks. To limit further possible damage, it cut off links with part of its domestic and overseas internal systems.

Eisai said it has been working in cooperation with experts and police to restore the system. The company is refraining from disclosing whether any monetary demands have been for confidential data being held hostage.

Source…

Ransomware breach hits US dental insurance giant, loses data of 9 mn patients, ET CIO

/in


The personal information of nearly nine million people in the US has been compromised in an apparent ransomware attack on one of the country’s largest dental health insurers.

US-based dental insurance giant Managed Care of North America (MCNA) Dental, said: “On March 6, 2023, MCNA became aware of certain activity in our computer system that happened without our permission. We quickly took steps to stop that activity. We began an investigation right away.”

Moreover, the company learned that a criminal was able to see and take copies of some information in their computer system between February 26 and March 7, 2023.

According to a data breach notification filed with Maine‘s attorney general, the hack affected over 8.9 million MCNA Dental clients, reports TechCrunch.

The LockBit ransomware group claimed responsibility for the cyberattack and claims to have published all of the files it stole from MCNA Dental after the company refused to pay a $10 million ransom demand.

According to a listing on LockBit’s dark web leak site, the notorious ransomware gang stole 700GB of data during the intrusion, the report said.

The stolen data includes a trove of personal information from patients, such as names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, and driver’s licences or other government-issued ID numbers.

Hackers also gained access to patient’s health insurance information, such as plan information and Medicaid ID numbers, as well as bill and insurance claim information, according to MCNA Dental.

Meanwhile, PharMerica, a leading pharmacy service provider in the US, which operates in more than 2,500 facilities across the country and offers over 3,100 pharmacy and healthcare programmes, has disclosed a data breach that compromised the personal information of nearly six million patients.

    Join the community of 2M+…

Source…

Industrial Giant ABB Confirms Ransomware Attack, Data Theft

/in


Swiss industrial giant ABB confirmed this week that it was recently targeted in a ransomware attack and that the cybercriminals exfiltrated some data.

The company has issued a press release and an FAQ describing the incident, with many details — including indicators of compromise (IoCs) — being withheld due to the ongoing law enforcement investigation. 

“ABB has determined that an unauthorized third-party accessed certain ABB systems, deployed a type of ransomware that is not self-propagating, and exfiltrated certain data,” ABB said. “The company is working to identify and analyze the nature and scope of affected data and is further assessing its notification obligations.” 

The malware was allegedly only deployed on a ‘limited number’ of servers and endpoints. The malware was distributed via manual intervention and it could not automatically spread through emails or on the local network, ABB said.

“All of ABB’s key services and systems are up and running, all factories are operating, and the company continues to serve its customers. The company also continues to restore any remain- ing impacted services and systems and is further enhancing the security of its systems,” the company noted.

In private notifications sent to customers, ABB said its forensic investigation found no evidence of customer systems being directly impacted. In addition, there is no indication that it’s unsafe to connect to ABB systems. 

Bleeping Computer was the first to report that ABB was targeted by the Black Basta ransomware group. Kevin Beaumont, a reputable cybersecurity researcher, has independently confirmed it

Advertisement. Scroll to continue reading.

Beaumont said on Friday that the company has paid the ransom, which would explain why it has not been named on Black Basta’s leak website. 

SecurityWeek reached out to ABB for comment on these claims, but the company said it’s not commenting beyond the information in its press release. 

ABB provides electrification and automation solutions in many countries around the world. The company has more than 100,000 employees. 

Related: Ransomware Gang Leaks Files Stolen From Industrial Giant Parker Hannifin

Related:

Source…