BlogNews30TH NOV 2023
AuthorSamir Yawar
4 min read
News

Capital Health Hospitals, Staples and Dollar Tree cyber attacks dominate headlines

Twitter
Facebook
WhatsApp
Email
LinkedIn
A blog image for cybersecurity roundup news for December 1, 2023

In a week marked by escalating cyber threats, our cybersecurity news roundup highlights three notable incidents affecting diverse sectors. Victims include the Capital Health Hospitals, Staples, and Dollar Tree outlets.

Cybersecurity Roundup

As cyber threats continue to evolve, this week's roundup underscores the critical importance of robust cybersecurity measures for organizations across various sectors to protect their operations and preserve the trust of their customers.

Capital Health Hospitals Hit by Cyberattack

Capital Health, a healthcare provider in New Jersey, recently experienced a cyberattack leading to significant IT outages across two of its hospitals. The attack disrupted various systems crucial for daily operations, affecting patient care, scheduling, and internal communications.

Capital Health confirmed that both hospitals are currently accepting incoming patients, including emergency rooms and all other locations, under protocols established for system downtime.

The non-profit services provider had this to say about the cybersecurity incident:

"Capital Health is experiencing network outages because of what we believe to be a cybersecurity incident; something we know is also being experienced at other health care organizations across the country. We are prioritizing safe patient care, while working to restore the network and address the impact of this disruption."

The medical services provider says that it expects some system limitations for a week at least.

While specific details of the attack remain undisclosed, the incident highlights the escalating threat to the healthcare sector's cybersecurity. Hospitals and healthcare organizations continue to be prime targets for cybercriminals seeking to exploit vulnerabilities in critical infrastructure, emphasizing the need for enhanced cybersecurity measures and proactive defense strategies in the healthcare industry.

Staples Confirms Cyberattack Behind Service Outages

Staples, a major office supply retailer, has confirmed a cyberattack as the cause behind recent service outages and delivery issues. 

The attack impacted Staples' ability to provide seamless services to its customers, leading to disruptions in online ordering, delivery delays, and potential compromises to customer data.

Employees expressed their frustration on Reddit, stating that their internal operations have been curtailed.

"Everything is still down. I work in store and we have no access to email, bizfit, pogs, ehelp desk. DM said they were fixing it over night last night but obviously nothing was fixed."

Staples has 994 stores across the US and Canada, supported by 40 fulfillment centers for storage and dispatch.

Dollar Tree Hit by Third-Party Data Breach

Dollar Tree, a popular discount retail chain, disclosed a data breach stemming from a third-party compromise, affecting approximately 2 million individuals.

Details of the breach were shared with the Maine Attorney General, revealing that Dollar Tree’s service provider faced a cybersecurity breach between August 7 and 8, 2023.

While Dollar Tree’s service provider Zeroed In assured customers that its internal systems remained secure, the incident highlights the interconnected nature of cybersecurity risks and the potential impact of third-party vulnerabilities on businesses.

Data stolen during the breach includes:

  • Names

  • Dates of birth

  • Social Security numbers (SSNs)

This breach serves as a reminder for companies to thoroughly vet and monitor the security practices of their third-party partners against attack vectors to mitigate the risk of data breaches and protect the privacy of their customers.

Samir Yawar
Samir Yawar / Content Lead
Samir wants a world where people can instinctively whack online scams and feel accomplished without the need for psychic powers. As an ISC2 member, he is doing his bit to turn cybersecurity awareness training into a fun concept with simple, approachable and accessible content. Reach out to him at X @yawarsamir
FAQsFrequently Asked Questions
Once cybercriminals obtain financial information, they can engage in various illegal activities to monetize it. This may include making unauthorized purchases, conducting identity theft, selling the information on the dark web, or even using the data for ransom purposes.