Advanced

Health and care software supplier Advanced was targeted in an attack by the LockBit 3.0 malware.

The attackers encrypted and exfiltrated (or transferred) a victim’s files as they were able to obtain a limited amount of information from our environment pertaining to approximately 16 of their Staffplan and Caresys customers.

However, Advanced notified each of those affected customers as the controllers of the exfiltrated data.

The company disconnected the entire Health and Care environment to contain the threat and limit encryption to a small number of systems which caused the customers to lose access to Health and Care platforms, as well as a limited number of non-health and care environments and services, such as eFinancials.

Source: https://www.digitalhealth.net/2022/10/client-data-exfiltrated-advanced-nhs-cyber-attack/

TPRM report: https://www.rankiteo.com/company/one-advanced

"id": "adv225171022",
"linkid": "one-advanced",
"type": "Ransomware",
"date": "6/2017",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"

{'affected_entities': [{'customers_affected': 16,
                        'industry': 'Health and Care Software',
                        'name': 'Advanced',
                        'type': 'Company'}],
 'data_breach': {'data_encryption': 'Yes',
                 'data_exfiltration': 'Yes',
                 'type_of_data_compromised': ['Customer data',
                                              'Health and Care data']},
 'description': 'Health and care software supplier Advanced was targeted in an '
                'attack by the LockBit 3.0 malware. The attackers encrypted '
                'and exfiltrated a limited amount of information from the '
                'environment pertaining to approximately 16 of their Staffplan '
                'and Caresys customers. Advanced notified each of those '
                'affected customers as the controllers of the exfiltrated '
                'data. The company disconnected the entire Health and Care '
                'environment to contain the threat and limit encryption to a '
                'small number of systems, which caused the customers to lose '
                'access to Health and Care platforms, as well as a limited '
                'number of non-health and care environments and services, such '
                'as eFinancials.',
 'impact': {'data_compromised': ['Customer data', 'Health and Care data'],
            'downtime': 'Yes',
            'operational_impact': 'Loss of access to platforms and services',
            'systems_affected': ['Health and Care platforms', 'eFinancials']},
 'motivation': 'Financial gain',
 'ransomware': {'data_encryption': 'Yes',
                'data_exfiltration': 'Yes',
                'ransomware_strain': 'LockBit 3.0'},
 'response': {'communication_strategy': ['Notified affected customers'],
              'containment_measures': ['Disconnected the entire Health and '
                                       'Care environment']},
 'threat_actor': 'LockBit 3.0',
 'title': 'Advanced Cyber Attack by LockBit 3.0 Malware',
 'type': 'Ransomware'}

Advanced

Gelatissimo: Aussie ice-cream franchise Gelatissimo suffers alleged hack by DragonForce

Airbus Atlantic and STELIA Aerospace North America Inc.: STELIA Aerospace confirms cyber attack on North American systems. $2.07 million ransom issued

Cybersecurity and Infrastructure Security Agency: 13News Now