15 Mar Security Breach – 15 Mar 2024
Businesses and organisations are constantly on the lookout for effective ways to safeguard their data and infrastructure from cyber threats. Among the most effective strategies to achieve this is through cybersecurity penetration testing, a proactive and comprehensive approach designed to identify and exploit security vulnerabilities in a system, much like a hacker would, but with the intention of strengthening these weaknesses before they can be maliciously exploited. This strategies stands in contrast to vulnerability scanning, a more automated and surface-level examination aimed at cataloguing potential vulnerabilities without delving into the depth of exploiting them. By understanding the intricate process of penetration testing and its distinction from vulnerability scanning, companies can better prepare themselves against the sophisticated cyber attacks that pose a growing threat in today’s digital world.
Recent Breaches
United States – Fidelity Investments Life Insurance Company (FILI) – Insurer
Exploit: Supply Chain Data Breach
Risk to Business: Severe: Fidelity Investments Life Insurance Company (FILI) is informing about 20,000 customers that it has experienced a data breach due to a cybersecurity incident at one of its vendors, Infosys McCamish (IMS). That vendor was also responsible for the recent Bank of America data breach. In November 2023, IMS notified FILI about an unspecified “cybersecurity event” that disrupted its services. After an investigation, IMS discovered that its systems were breached between October 29 and November 2, 2023. IMS determined that the bad actor was able to obtain data stored on those systems. FILI informed customers that their stolen data may have included individual names, Social Security numbers, states of residence, bank account and routing numbers and dates of birth.
Canada – Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) – Government Agency
Exploit: Hacking
Risk to Business: Extreme: Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Canada’s financial intelligence agency, has announced that it has had to pull its systems offline due to a cyber incident that struck over the weekend. The agency was quick to reassure the public that the incident did not involve the Centre’s intelligence or classified systems but did not further specify exactly which systems or functions were impacted. The incident remains under investigation.
Talk to a TCT team member today about implementing cyber security plan for your business.
Robert Brown
15/03/2024
Related Articles:
Insights from the 2023 Annual Cybersecurity Report
Cost Impact of a Data Breach for your business