There were cyber attacks in the district of Ludwigsburg, the Federal Association of the Pharmaceutical Industry and the food company Sysco. The reports at a glance:
Cyber criminals paralyze the district of Ludwigsburg
Cyber criminals have apparently attacked the administration of the district of Ludwigsburg. Therefore, the district office is currently closed – the IT “completely shut down”. The website of the district of Ludwigsburg states that “vehicle registration, the driver’s license office, the asylum area, the foreigners’ registration office and the job center are closed to customers”. The employees in the district house can be reached by phone, the branch offices cannot. Security experts from the Baden-Württemberg Cyber Security Agency, the State Criminal Police Office and experts from Komm.ONE are currently analyzing the IT infrastructure. So far it is not foreseeable when the systems will be started up again.
Pharma Association Phishing Incident
There has been a phishing incident at the Federal Association of the Pharmaceutical Industry (BPI eV). In accordance with Article 34 of the European General Data Protection Regulation (GDPR), the association had informed its members about a data protection incident. Accordingly, at the end of April 2023, the IT systems of the BPI were exposed to a cyber attack, which gave an unauthorized person access to one of the e-mail inboxes (Microsoft) of the association. The association did not want to give heise online any information about how many people the information letter was sent to. E-mail addresses, data from signatures, names, telephone numbers, postal addresses and message content may have been viewed. The BPI therefore warns of possible spam mails or calls. According to the BPI, the responsible Berlin data protection authority has already been informed. The BPI wants to strengthen the security of the mail system in the future, as the daily mirror reports.
Cyber attack at Sysco
The global food company Sysco has also fallen victim to a cyber attack. Sysco announced this in a quarterly report (10-Q) to the US Securities and Exchange Commission (SEC). The investigations are still ongoing. In a letter addressed to customers, Sysco assumes that the attack took place on January 14, as Darkreading reports. Sysco became aware of the attack on March 5: “The attackers gained unauthorized access to our systems and claimed to have acquired certain data,” according to the company. Accordingly, customer and supplier data in the USA and Canada as well as personal information of US employees such as names, social security numbers and account numbers are likely to have leaked. The investigations are still ongoing.
(mack)
