These events highlight the different factors that contribute to the perceived severity of an attack, as well as the mis-steps that businesses have taken, that have ultimately contributed to the attack or data breach happening in the first place.
Lancaster University suffers phishing attack
Lancaster University students had their data stolen in what was described as a “sophisticated and malicious” cyber-attack. The hackers used a phishing attack that in some cases also sent fraudulent invoices to undergraduate applicants. The result was a breach of data including names, addresses, telephone numbers and email addresses. For a very small number of students, a breach in the student records system also meant they had their record and ID documents accessed as well. Read more about this particular cyber attack at The Guardian
Data mislaid on the Isle of Man
In July this year, the personal information of dozens of vulnerable people on the Isle of Man receiving home care funded by the government was lost. According to the Department of Health and Social Care the paper records of 33 adults had been “mislaid”, as well as the access codes to 7 people’s homes. Although this was not considered a criminal act, it does highlight the importance of keeping all data, including physical data in the form of printed reports safe and secure. Read more on the BBC website
Adoptive parents forced to move thanks to Hackney Council
In a very serious data breach at Hackney Council an adoptive family was actually forced to move in order to preserve the safety of their children. Although in this data breach only two individuals – the parents of the adopted children – were affected, the severity of the consequences in this case, demonstrate how it’s not always simply the volume of data breached that makes it a serious issue. In this case the breach occurred when a solicitor issued a notice of a family court hearing to the birth parents of the children and accidently included a copy of the adoption application form that was not redacted. This revealed the names, address, phone numbers, dates of birth and occupations of the adoptive parents. Find out more on the Hackney Gazette
Leicester FC falls victim to cyber criminals
In May 2019, Leicester FC saw their troubled football season get even worse when cyber criminals stole the financial details, including card numbers, expiry dates and CVV numbers, from many of their fans. Although the club responded swiftly and appropriately to the breach, it does look as through there were some violations of the new GDPR legislation and the PCI DSS. Find out more on the IT Governance website
It’s sad to say that these few examples of cyber-attacks and data breaches reported so far in 2019, don’t even scratch the surface of all the attacks and breaches that have happened worldwide and more than that, these won’t be the last either.
Cyber-crime is a constant threat and our advice is to be vigilant and be prepared, educate your self and your colleagues on the different types of cyber-attacks out there, invest in anti-virus software, encryption and backup solutions and last but by no means least, keep all your software, systems and networking up to date, If you need help and advice around how to better protect your business and data from cyber criminals, talk to our experts