Published: May 1, 2024

TalPoint’s Monthly Security Brief – May 2024

By Annie

Friday, May 31, 2024

1. Ransomware Attacks

Nothing to report.

2. Certifications

D2F Services Pvt. Ltd, the leading drone-based chemical spraying service provider in India operating under the brand name AgriWings, has become the first-ever drone-based service provider in India to complete the annual ISO 27001:2022 certification.

3. Company Fines

Nothing to report.

Thursday, May 30, 2024

1. Ransomware Attacks

Nothing to report.

2. Certifications

Port53, a Cisco Gold Provider for security solutions with Master Security Architecture Specialization, announced the completion of its SOC 2 Type 1 accreditation.

Ultra Support, a leading provider of third-party maintenance services for Enterprise IT, announced the completion of its SOC 2 Type 2 accreditation.

3. Company Fines

Nothing to report.

Wednesday, May 29, 2024

1. Ransomware Attacks

The Seattle Public Library’s online catalog, e-books, Wi-Fi and public computers were all taken offline Tuesday as the agency investigates what it described as a ransomware event. Read more here.

2. Certifications

Datamatics Business Solutions (DBSL), a global leader in providing offshore outsourcing services exclusively to CPA/Accounting firms for over 20 years, announced the completion of its SOC 2 Type 2 accreditation.

Sauce Labs Inc, a leading provider of continuous testing and software quality solutions to deliver digital confidence to enterprises, has completed the annual ISO 27001/27701 recertification.

Countrywide Surveying Services (CSS), one of the leading suppliers of property risk management, valuations and customer surveys in the UK, has completed the annual ISO 27001 recertification.

3. Company Fines

Nothing to report.

Tuesday, May 28, 2024

1. Ransomware Attacks

Christie’s – The auction house has confirmed suffering a data breach on Monday after RansomHub threatened to leak information stolen from the company. Christie’s website went offline earlier this month due to what the company described at the time as a “technology security incident”. The cyberattack was launched just as the auction house was attempting to sell high-value items worth an estimated $840 million. Read more here.

2. Certifications

Decisimo, a SaaS decision engine dedicated to simplifying the management of decision strategies through no-code solutions, announced the completion of its SOC 2 Type 2 accreditation.

Orbit Markets, the leading market maker of digital asset options and structured derivatives, announced the renewal of ISO 27001, ISO 27701, and SOC 2 Type 2 accreditations for the second consecutive year.

AsiaVerify, a RegTech solution provider, announced the achievement of ISO 27001:2022.

Lean Solutions Group (LSG), a nearshore and offshore services provider, announced the achievement of ISO/IEC 27001.

3. Company Fines

Nothing to report.

Friday, May 24, 2024

1. Ransomware Attacks

Nothing to report.

2. Certifications

Nothing to report.

3. Company Fines

Nothing to report.

Thursday, May 23, 2024

1. Ransomware Attacks

Nothing to report.

2. Certifications

Trillium Health Resources, an innovative health plan for individuals with serious behavioral health, intellectual/developmental disabilities, and traumatic brain injury in 46 counties in North Carolina, announced the completion of its SOC 2 Type 2 accreditation.

Fast Track, the leading CRM platform built specifically for the iGaming industry, announced the completion of its SOC 2 accreditation.

Quark Software, the global provider of content automation, intelligence and design software, has successfully renewed its ISO 27001 ISM certification.

3. Company Fines

Nothing to report.

Wednesday, May 22, 2024

1. Ransomware Attacks

London Drugs confirmed yesterday that cybercriminals have demanded a ransom for data that was taken in a cyberattack that caused stores to shut for a week. The retail and pharmacy chain had to shut down its nearly 80 stores across B.C., Alberta, Saskatchewan and Manitoba for a week after the cyberattack was reported on April 28. Read more here.

Trego County Lemke Memorial Hospital, a 25-bed critical access hospital in Wakeeney, Kansas, is recovering from a ransomware attack. The hospital reportedly identified a computer network disruption May 6 and discovered a targeted ransomware attack. The hospital notified the FBI of the attack and its IT team is restoring computer functions after the initial disruption. Read more here.

2. Certifications

Integral Ad Science, a leading global media measurement and optimization platform, has been awarded the ISO 27001:2022 certification.

Exalate, a global integration solution provider, has been awarded the ISO 27001 certification.

QuSecure, a leader in post-quantum cryptography (PQC), announced the completion of its SOC 2 Type 2 accreditation.

EMQ, developer of the world’s leading open-source MQTT messaging platform, EMQX, announced the completion of its SOC 2 Type 2 accreditation.

3. Company Fines

Nothing to report.

Wednesday, May 15, 2024

1. Ransomware Attacks

A ransomware attack targeting Rockford Public Schools has shut down its phone and email systems. In an email to parents and guardians Wednesday, Superintendent Steve Matthews said the district’s buildings are secure, and emergency phones have been placed in each building. Read more here.

2. Certifications

DiGGrowth, a leading marketing analytics platform, announced the completion of its SOC 2 Type 2 accreditation.

Boom, a proptech company specializing in modern rental financial services, announced the completion of its SOC 2 Type 2 accreditation.

Altair, a global leader in computational intelligence, has been awarded the ISO 27001:2022 certification.

3. Company Fines

Nothing to report.

Tuesday, May 14, 2024

1. Ransomware Attacks

Ascension Health System – A ransomware attack has forced hospital group Ascension’s computer systems offline and diverted ambulances away from some of its emergency departments. The attack was perpetrated by Russia-linked ransomware group Black Basta.

Current Status:

  • 5/14/24 – Ascension said its facilities remain open but that several hospitals are turning away ambulances and diverting them to other hospitals “to ensure emergency cases are triaged immediately.” Read more here.
  • 5/10/24 – A cyberattack affected clinical operations at St. Louis-based Ascension health system.

2. Certifications

Nuspire, a leading managed security services provider (MSSP), announced the completion of its SOC 2 Type 2 accreditation.

Binance Kazakhstan has been awarded the ISO 27001 and ISO 27701 certifications.

RegDOX Solutions Inc., a leader in secure and compliant solutions for managing Controlled Unclassified Information (CUI), has been awarded the ISO 27001 certification.

ZINFI Technologies, Inc., a global leader in Unified Partner Management (UPM) solutions, announced the completion of its SOC 2 Type 2 accreditation.

3. Company Fines

Nothing to report.

Monday, May 13, 2024

1. Ransomware Attacks

Nothing to report.

2. Certifications

eToro, a trading and investment platform, announced the completion of its SOC 2 Type 2 accreditation.

3. Company Fines

Nothing to report.

Friday, May 10, 2024

1. Ransomware Attacks

2. Certifications

Activate Care, a provider of SDOH services and care coordination, announced the completion of its SOC 2 Type 2 accreditation.

3. Company Fines

Meta – An appeal against a €265m fine imposed by the Irish Data Protection Commission (DPC) has been delayed until a related EU court decision is made. A Justice ruled that the fine, imposed after a data breach affecting over 500 million Facebook users, won’t be effective until the EU Court of Justice rules on Meta’s separate appeal against a €225m DPC fine for WhatsApp.

Thursday, May 9, 2024

1. Ransomware Attacks

Nothing to report.

2. Certifications

Payload, a fintech platform, announced the completion of its SOC 2 Type 2 accreditation.

Josys, a SaaS and device management platform that simplifies how IT works, announced the completion of its SOC 2 Type 2 accreditation.

The Attivo Group, a value-added reseller of Enterprise Resource Planning (ERP) solutions and consulting services, announced the completion of its SOC 1 Type 2 accreditation.

SheerID, an organization in identity verification for commerce, obtained ISO 27001:2019 certification.

3. Company Fines

Nothing to report.

Wednesday, May 8, 2024

1. Ransomware Attacks

The Department of Justice has unsealed charges against a Russian national accused of developing and administrating LockBit ransomware. In a filing on Tuesday, the DOJ claims the 31-year-old Dmitry Yuryevich Khoroshev helped make LockBit one of “the most prolific and destructive ransomware group[s] in the world.” Read more here.

2. Certifications

Vodafone Idea, a telecom operator, announced the completion of its SOC 2 Type 2 accreditation.

Registrar Corp, the world's largest FDA compliance firm, obtained ISO 27001 certification.

Optiva Inc., an organization powering the telecom industry with cloud-native billing, charging and revenue management software on private and public clouds, obtained ISO 27001 certification.

CyberLink Corp., a FaceMe facial recognition platform, obtained ISO 27001:2022 certification.

3. Company Fines

Nothing to report.

Tuesday, May 7, 2024

1. Ransomware Attacks

Nothing to report.

2. Certifications

Nothing to report.

3. Company Fines

Nothing to report.

Thursday, May 2, 2024

1. Ransomware Attacks

Nothing to report.

2. Certifications

Deltec Bank and Trust Limited, a private and corporate bank, announced the completion of its SOC 2 Type 1 accreditation.

Hidden Road, the global credit network for institutions, announced the completion of its SOC 2 Type 2 accreditation.

3. Company Fines

Nothing to report.

Wednesday, May 1, 2024

1. Ransomware Attacks

Nothing to report.

2. Certifications

GMI, a Total IT Solution Provider and Managed Security Service Provider, announced the completion of its SOC 2 Type 2 accreditation.

Cloaked, a consumer-first privacy company, announced the completion of its SOC 2 Type 2 accreditation.

Hypori, a cybersecurity SaaS provider enabling bring-your-own-device (BYOD) capability and zero-trust access via any mobile device, announced the completion of its SOC 2 Type 2 accreditation.

Steer Health, an organization in AI-powered healthcare automation, announced the completion of its SOC 2 Type 2 accreditation.

Turning Point Global Solutions, a software engineering and information technology (IT) professional services firm, obtained ISO 27001:2013 certification.

3. Company Fines

Nothing to report.
