11 Aug Security Breach – 11 Aug 2023
With cybercrime risk continuing to rise, if the worst does happen, minimising the time from discovery to recovery is the most important factor in keeping a company afloat. The global mean time to identify and contain an average data breach is 277 long, expensive days. That climbs to 326 days if ransomware is involved.
Investing in strong security and following security best practices is a smart, holistic and comprehensive way to set a company up for security success today and in the future. Taking an inefficient one-off approach leaves dangerous security gaps, creates management holes and adds unnecessary layers of complexity.
Recent Breaches
Australia – Aristocrat Gaming – Gambling Machine Manufacturer
Exploit: Hacking
Risk to Business: Moderate: Australia’s largest gaming machine manufacturer said that it has been hit in a cyberattack thanks to the MOVEit vulnerability. Aristocrat Gaming said that the June 1 attack led to the exposure of unspecified data for Aristocrat employees. Aristocrat said in a statement that it expects low business impact from this incident and that appropriate authorities are part of the investigation.
United States – Hot Topic – Retailer
Exploit: Credential Stuffing
Risk to Business: Severe: Retailer Hot Topic has disclosed that it has likely experienced a data breach after experiencing a series of credential stuffing attacks. The retailer said that the attacks took place between February 7 and June 21, 2023. Hot Topic says that legitimate credentials were ultimately used to access the company’s systems. Bad actors may have stolen customer information, including customer names, mailing addresses, dates of birth, phone numbers and order history. Partial payment card information (the last four digits of the payment card) may have been accessed if victims had their payment card details saved to their accounts.)
Talk to a TCT team member today about implementing cyber security and phishing training plan for your employees.
Robert Brown
11/08/2023
Related Articles:
What’s Changing in Cyber Insurance?
Why is regular Cybersecurity Awareness training recommended?