10 Feb Security Breach – 11 Feb 2021
Why do some employees resist the business security policies?
You’ve set policies, sent out emails and had meetings – and some of your employees still aren’t getting the importance of your security policies. Why won’t they listen, and what will it take to get through to them?
Is the policy that you’ve chosen too difficult to follow by some of your staff? Business-wide choices that make sense from one department’s perspective may be strange and disruptive to another.
In reality, it is a big change for most people. Back in the day when they were just starting out working, they could use their dogs name for a password.
But we have more than evolved in the world of security and business.
Perhaps a more human approach needs to be adopted to explain the “why” to them – especially when they’re working remotely. Explaining how these policies impact the business and how it protects them, your valued employees.
Education and training is the key to helping staff understand, adopt and protect the business in this new tumultuous world.
By taking the time to consider the impact of security policies, you can transform your employees’ approach to cybersecurity, taking them from being your biggest security risk to your biggest security asset.
Australia – Oxfam Australia – Charitable Organization
Risk to Small Business: Severe: A donor database for Oxfam Australia was discovered by cybersecurity researchers. Oxfam Australia is a charity focused on alleviating poverty within the indigenous Australian people. A threat actor was attempting to sell the Oxfam Australia contact and donor information for 1.7 million people. The incident is under investigation.
Risk to Exploited Individuals: Moderate: The exposed information appears to be limited to donor names, email addresses, addresses, phone numbers, and donation amounts. No financial information was exposed.
Customers Impacted: 1.7 million donors
Australia – SitePoint – Web Development Education Resources
Exploit: Third Party Data Breach
Risk to Small Business: Severe: Web developer education platform SitePoint has disclosed a security breach this week in emails sent to some of its users after a threat actor listed a collection of one million SitePoint user details for sale on a cybercrime forum. SitePoint has now initiated a password reset on all accounts and is asking users to choose new ones that are at least ten characters long.
Risk to Exploited Individuals: Moderate: The stolen passwords were hashed with the bcrypt algorithm and salted, but SitePoint encourages users who may be recycling their password elsewhere to reset those accounts too.
Customers Impacted: Unknown
Protect your data and systems by implementing a solid cybersecurity plan today. Talk to a TCT team member today and we can show you how.
Follow us on LinkedIn: