Data breaches have been big news in 2023 to date. We’ve seen a lot of them – and we’re only halfway through the year!
Cyber crime is ramping up. Ransomware as a service is very lucrative. Criminals looking for data to sell hire groups who already have all the infrastructure in place to run ransomware attacks. Often, they’ve already prepared back doors into potential targets.
At PhishNet, we’ve noticed a definite rise in higher-profile cyber incidents this year. A lot of these include data breaches that were clearly carefully targeted for maximum impact. And while I can’t give you a rundown of every single one, I can highlight some data breaches that offer crucial learning points for businesses of all sizes.
This bond broker company recently announced that it had experienced a cyber incident. The attackers stole personal information, believed to include drivers licences, passports, financial reports, and tax file numbers. The company followed its cyber security response plan and took its IT systems and client portal offline.
Clients of the company have called for it to review its data retention policies, saying that their identity documents should never have stayed in the system.
Key learning points
There are a few good points to draw out of this story:
- Have a cyber security response plan.
- Make sure your employees are familiar with the plan and their responsibilities within it. Run regular training sessions.
- Empower people to act fast!
- Regularly review your data retention policies.
- Audit your data to make sure you’re following the retention policies.
The Norton LifeLock data breach was a little different to most we see in the news. LifeLock is a password manager product. Rather than attacking the company itself, attackers went after customer accounts. They used credential stuffing, buying a list of username and password pairs and trying them out in bulk.
The attackers succeeded in accessing the LifeLock accounts of around 6,450 customers, presumably recording and selling their saved passwords. It’s important to note that the credential stuffing technique only works when people reuse their passwords.
Key learning points
The most important points are around password hygiene:
- Don’t reuse passwords!
- Train all staff in how to create good passwords, and why it’s important.
- Invest in a password manager for all staff.
In late April 2023, the Russian ransomware gang AlphV published almost 1.5 TB of data that it claimed to have stolen from HWL Ebsworth. The legal company handles a lot of sensitive cases, including medical insurance, so the data loss could be significant. More recent estimates claim around 3.6 TB of data was published.
Key learning points
Attackers gaining access through personal devices is becoming more common. To combat this:
- Establish a firm boundary between work and personal devices.
- Enforce strict rules about which devices can access your data.
- Lock down work devices to approved apps only.
- Install endpoint security software on all devices.
Is your company next?
- Have you already been hacked and don’t realise it yet? Look at your logs for signs of intrusions and installed back doors into your system.
- What’s your data retention policy? Does it need an update? Is it being followed? Audit your data to check that you’re only keeping what you need to.
- Are you up to date on your responsibilities to update customers when you experience a cyber attack? Check industry, state, and federal requirements.
- Does your team know what to do during a cyber attack? The length of response time can make a crucial difference in how much data attackers can access. Ensure your team have engaging, informative cyber security training.
Get help to improve your cyber security defences
It’s easy to get overwhelmed with the potential for data breaches. However, you’re not alone. PhishNet can help you to proactively strengthen your defences with a comprehensive cybersecurity training program for your team. Talk to PhishNet to learn more.