Cybercriminals have been hard at work this week. Reports of Panasonic, German Hospitals, Ohio Lottery hacks outline how threat actors continue to exploit new vulnerabilities to target major organizations.

Cybersecurity News Roundup for Dec 29, 2023

We take a look at what went down during the end of the year.

Panasonic Avionics Corporation, a prominent provider of in-flight communication and entertainment systems, has revealed a data breach impacting an undisclosed number of individuals. The breach occurred over a year ago, in December 2022, when the corporate network was compromised.

The assailant managed to infiltrate a subset of devices within the corporate network, accessing information categorized as data collected from the affected individuals and their respective employers. Despite the exposure of personal and health data, there is currently no evidence to suggest that the information has been misused since the time of the attack.

"On December 30, 2022, Panasonic identified evidence of an issue potentially impacting certain systems in our corporate network environment that occurred on or around December 14, 2022," the company said.

The compromised information encompasses details such as:

• Names of affected individuals
  

• Contact information (including email addresses, mailing addresses, and telephone numbers)
  

• Dates of birth
  

• Medical and health insurance details
  

• Financial account numbers
  

• Employment status within the company
  

• Social Security numbers
  

In response to the breach, Panasonic is taking proactive measures by offering 24 months of complimentary identity and credit monitoring services through Kroll for all those impacted. Individuals are strongly urged to monitor their reports for any signs of suspicious activity.

It's worth noting that Panasonic's in-flight entertainment (IFE) solutions are present on over 15,000 commercial airplanes, with more than 3,780 of them providing customers with Panasonic Avionics satellite Wi-Fi connectivity. Over 200 airlines globally rely on Panasonic's IFE, Wi-Fi, and digital services for approximately 70% of the global IFE-equipped fleet.

The Katholische Hospitalvereinigung Ostwestfalen (KHO), a German hospital network, has officially confirmed that recent disruptions in services at three of its hospitals were a result of a Lockbit ransomware attack. The incident occurred on the early morning of December 24, 2023, severely impacting the operational systems of hospitals located in Bielefeld, Rheda-Wiedenbrück, and Herford, Germany.

According to a translated statement from the hospital, unidentified actors gained access to the IT infrastructure of the hospitals, encrypting data in what appears to be a cyberattack involving Lockbit 3.0. The resolution time for this attack is currently unpredictable. In response to the breach, all systems were immediately shut down for security reasons, and relevant parties and institutions were promptly informed.

Investigations are ongoing, and as of now, the extent of the damage and whether the attackers exfiltrated any data remain undetermined. The affected hospitals under KHO's operation include:

• Franziskus Hospital Bielefeld (614 beds, ten specialist departments, 390 doctors and staff)
  

• Sankt Vinzenz Hospital Rheda-Wiedenbrück (614 beds, five specialist departments, 200 doctors and staff)
  

• Mathilden Hospital Herford (614 beds, eight specialist departments, 230 doctors and staff)
  

Given the critical role these hospitals play in delivering healthcare services in their respective areas, a cyberattack on their IT systems poses a significant risk, potentially causing severe repercussions for individuals in medical emergencies. Emergency care is currently unavailable at the affected KHO hospitals, leading to the redirection of urgently needed medical care to alternative facilities, which may result in critical delays.

The Lockbit ransomware gang has not listed KHO on its extortion portal on the dark web. Therefore, the potential theft of patient data or other sensitive information by cybercriminals remains undetermined at this time. Investigations are ongoing to assess the full scope of the incident.

In an unexpected turn of events, the Ohio Lottery found itself grappling with the aftermath of a cyberattack that compelled the shutdown of crucial systems on Christmas Eve. While the incident is currently under investigation, the Ohio Lottery is diligently working to restore all affected services, assuring the public that its gaming system remains fully operational.

According to a press release issued on Wednesday, the cyberattack impacted an undisclosed number of internal applications, prompting the temporary unavailability of certain services. 

"Mobile cashing and prize cashing above $599 at Super Retailers are currently not available," the lottery stated.

In addition to the cashing services, the incident has also affected the accessibility of winning numbers for popular lottery games, including KENO, Lucky One, and EZPLAY Progressive Jackpots. These numbers are temporarily inaccessible on the Ohio Lottery website and mobile app, but alternatives are provided to check them at any Ohio Lottery Retailer.

While the investigation is ongoing, the Ohio Lottery encourages customers to utilize alternative channels for checking winning numbers. The lottery's website and mobile app, although experiencing limitations, still offer options for patrons to stay informed during this period of system restoration.

The Ohio Lottery assures its customers that the gaming system itself remains unaffected by the cyber incident, and efforts are underway to rectify the situation promptly.

Check out our previous news reports about cybersecurity happenings around the world:

• GTA6 Leaker, MS Drainer and Falsefont Malware

• Kyivstar, Russian Tax Agency and BazarCall Attacks

• HTC, Nissan, and Navy Contractor Austal USA Breaches