Cyberattacks Stealing Data on the Rise in Wisconsin

In 2024, Wisconsin businesses have increasingly become targets of file exfiltration cyberattacks, where hackers steal sensitive data and often threaten to expose it unless a ransom is paid. Recent high-profile breaches in the state have impacted a wide range of industries, from healthcare to manufacturing, exposing thousands of individuals’ personal information. This article explores the growing threat of these attacks, highlights major incidents in Wisconsin, and offers actionable steps to protect your business.

---

What Is File Exfiltration?

File exfiltration refers to the unauthorized extraction of data from a system. Unlike ransomware, which often locks data and demands payment for its release, file exfiltration focuses on stealing sensitive information such as Social Security numbers, credit card data, and proprietary business files. This type of attack is particularly dangerous because it can go undetected for long periods, giving cybercriminals ample time to access and copy confidential data.

---

 

Recent File Exfiltration Incidents in Wisconsin

Several major cyberattacks have targeted Wisconsin businesses, highlighting the seriousness of file exfiltration threats:

 

• Oldenburg Group Breach (September 2024): Oldenburg Group, a prominent industrial manufacturer, experienced a breach where sensitive customer and internal documents were compromised. The incident remains under investigation, but it is a clear example of how manufacturing firms are at risk​.
• Power Test LLC Breach (June 2024): Sussex-based Power Test LLC, a manufacturer of dynamometer products, was hit by the LockBit3 ransomware group. The attackers stole 5TB of data, including blueprints, financial records, and personal information of employees and clients.
• First Choice Dental Breach (October 2023): This breach impacted over 227,000 patients, exposing Social Security numbers, credit card data, and health information. The attackers encrypted First Choice Dental’s systems and demanded a ransom.
• Wisconsin Auto Dealerships Breach (June 2024): A ransomware attack affected 159 auto dealerships across the state, disrupting operations and exposing customer financial data.
• Wisconsin Physicians Service (WPS) Breach (2023): The WPS breach compromised personal information of approximately 950,000 Medicare beneficiaries due to a vulnerability in the MOVEit file transfer software.

---

Why Are File Exfiltration Attacks Increasing?

The rise in file exfiltration attacks can be attributed to several factors:

 

1. Advanced Attack Methods: Cybercriminals are becoming more sophisticated, using tools that make it easier to evade traditional security systems. Groups like LockBit3 are leading the charge with complex ransomware-as-a-service models that target high-value data.
2. Exploitable Vulnerabilities: Software vulnerabilities, such as those in the MOVEit file transfer system exploited in the WPS breach, give attackers easy access to sensitive information.
3. Dual Ransomware-Exfiltration Threats: Many ransomware attacks now involve not just encrypting data but also stealing it. Hackers often threaten to leak the stolen information unless businesses pay the ransom, making exfiltration more profitable).

---

Industries Most at Risk in Wisconsin

Certain industries are more vulnerable to file exfiltration cyberattacks due to the high value of the data they handle:

• Healthcare: Organizations like First Choice Dental and Wisconsin Physicians Service (WPS) are prime targets because of the valuable personal and health-related information they store.
• Manufacturing: Companies like Oldenburg Group and Power Test LLC face significant risks as attackers seek to steal proprietary information, intellectual property, and financial data​.
• Automotive: The attack on 159 Wisconsin auto dealerships in 2024 highlights how the automotive sector can be vulnerable due to the personal and financial information it handles.

---

Consequences of File Exfiltration Attacks

The consequences of file exfiltration attacks are severe and can include:

 

• Financial Losses: Businesses face direct costs such as ransom payments, data recovery, and legal fees. The attack on Johnson Controls, for example, led to $27 million in damages​.

• Operational Disruptions: Many businesses experience significant operational disruptions during and after an attack, as systems are locked or compromised. For instance, the dealerships that were impacted by the ransomware attack mentioned above, were reduced to using pen and paper to try to run important part of their operations. Attack on Ascension earlier this year has left some of their critical operations paralyzed while the hospital and healthcare network was recovering from the attack.

• Reputation Damage: Data breaches can erode customer trust, especially when sensitive personal or financial information is leaked, as seen with First Choice Dental and the Wisconsin auto dealerships​.

---

How to Protect Your Business from File Exfiltration

Businesses can take several steps to protect themselves from file exfiltration attacks:

 

1. Deploy Data Loss Prevention (DLP) Tools: DLP software helps monitor and block unauthorized data transfers, reducing the risk of sensitive files being stolen.
2. Patch Management: Regularly updating software and systems is crucial for closing security gaps, especially those that could be exploited in file transfer systems like MOVEit.
3. Network Monitoring: Advanced monitoring tools can detect unusual traffic or suspicious behavior, providing early warnings of potential exfiltration attempts.
4. Employee Training: Since phishing and social engineering attacks are common entry points for cybercriminals, educating employees on how to recognize these threats can significantly reduce risks​.

---

File exfiltration cyberattacks are a growing concern for Wisconsin businesses, particularly in industries like healthcare, manufacturing, and automotive. Recent incidents have shown the devastating impact these breaches can have on both operations and reputation. However, by strengthening cybersecurity measures and staying proactive, businesses can mitigate these threats.

To ensure your business is protected, consider reaching out to Centurion Data Systems for a free cybersecurity vulnerability assessment. Our team of experts will help you identify potential weaknesses and secure your sensitive data before cybercriminals strike. Don’t wait for an attack—contact us today to safeguard your business against rising cyber threats.