- California 5,750,000,000
- Oregon 1,300,000,000
- Florida 402,928,731
- Georgia 353,951,510
- Texas 349,995
Housing some of the largest companies in the world, California saw the most data breaches by US state with a total of over 5,750,000,000 data breaches. This alone made up for 56 percent of the US’s total cases from 2005 to 2019, says the study.
South Dakota, Wyoming, and Vermont rank as the least breached states in the US since 2005. The Privacy Rights data also revealed the cities where data breaches have been most common between 2005 and 2019, with New York leading the way.
A ransomware attack hit the Texas judiciary, forcing the judicial system to improvise to keep its courts functioning online since social distancing restrictions have eliminated many in-person solutions.
Texas’ Office of Court Administration said its information technology staff discovered the attack Friday morning and immediately disabled websites and servers for the Texas judiciary to stop the spread of the attack. The Texas judiciary is working with law enforcement and the Texas Department of Information Resources to investigate the cyberattack.
The Texas judiciary’s network will remain down until a remedy for the ransomware attack is found, the Office of Court Administration said this week. Ransomware is malicious software that requests payment from affected users in exchange for returning access to the data and systems held hostage by the attackers.
Phishing emails are used in over 92 percent of all data breaches, and healthcare is the No. 1 target for hackers, according to Colin Bastable, CEO of security awareness training company Lucy Security. “Ransomware attacks are incredibly disruptive and expensive to mitigate, and with so many staff working remotely all organizations are highly vulnerable,” he said via email. “One wonders if tokenization might have been effective in preventing hackers from stealing viable data. Today, everyone who has not been hacked should thank their lucky stars and train their employees to spot and report phishing emails. Up to 30 percent of untrained employees will fall for such a phishing email.”
Recovery and Mitigation Costs: At least $12 million
A coordinated ransomware attack hit 22 Texas towns on Aug. 16, using Sodinokibi (REvil) ransomware to lock the municipalities out of their IT systems after hackers breached the software of a third-party service provider used to remotely manage their infrastructure. The criminals demanded a ransom of $2.5 million to regain access to the IT systems, but none of the affected towns were willing to pay.
All of the affected towns have transitioned from assessment to remediation and recovery by a week after the attack, with more than half resuming normal operations as of Sept. 9, according to the Texas Department of Information Resources (DIR). The state declined to release the names of the affected cities, with only Keene and Borger initially indicating they were victims of the attack.
Of the total cost associated with the ransomware, some $3.25 million was expected to be incurred by county governments, $2.34 million was expected to be incurred by cities and towns, and $1.8 million was expected to be incurred by educational institutions, according to Cybersecurity Insiders. The remaining $5 million of anticipated expenses were miscellaneous in nature.
Recovery and Mitigation Costs: $18.2 million
Baltimore’s computer systems on May 7 were hit by a ransomware strain known as RobbinHood, which encrypted several critical functions for the city. The damage extended to city employees’ email and voice mail systems; online payment services for water bills, property taxes and traffic citations; and real-estate transactions, necessitating the creation of a “manual workaround” using paper forms.
City leaders at the time were presented with a demand for roughly $76,000 in exchange for a decryption key and were threatened with the destruction of affected data within days if the ransom wasn’t paid. But the city refused to pay the ransom and instead endeavored to restore the affected systems and data on its own.
As a result, the city experienced the loss or delay of $8.2 million in revenue from sources such as fines, property taxes, and real-estate fees, and expects to spend $10 million in the recovery effort by some of 2019. Some of the recovery-related costs include $2.8 million for forensic analysis and detection, $1.9 million for new hardware and software, and $600,000 to deploy new systems and replace hard drives.
Recovery and Mitigation Costs: $60 million to $71 million
Oslo, Norway-based aluminum provider Norsk Hydro was struck in March with a large ransomware attack that started in its U.S.-based facilities then spread, and the company couldn’t stabilize the situation until the summer.
The ransomware strain was ultimately determined by incident responders to be LockerGoga, which has wreaked havoc on companies in the industrial and manufacturing space. Norsk Hydro restored its systems from digital backups rather than pay the ransom demand, and switched to “manual mode” inside several its facilities to contain the spread of the ransomware.
Much of the financial impact of the ransomware stemmed from Norsk Hydro being forced to switch off production lines and resort to manual operations for reporting, billing, and invoicing. Norsk Hydro aluminum manufacturer Extruded Solutions suffered the most significant operations challenges and financial losses as a result of the attack, according to a company earnings report.
Recovery and Mitigation Costs: $80 million To $95 million
PLEASE TAKE THE TIME TO REVIEW THESE LINKS: