Security Breach – 21 Mar 2025

human vulnerability

Security Breach – 21 Mar 2025

Oftentimes, security guidelines can feel like obstacles rather than essentials. Add tight budgets, mounting responsibilities and constant multitasking, and you have the perfect recipe for cybersecurity vulnerabilities. In addition, end users don’t prioritise security. Many don’t even see cybersecurity as their responsibility. An industry journal survey found that 45% of employees believe cybersecurity isn’t their concern because they don’t work in IT. This mindset is a gateway to serious security risks, leaving many businesses struggling with human vulnerability issues. It’s no surprise that attackers are shifting their focus to exploiting human vulnerability. How can business owners effectively protect their organisations from user-related trouble? The answer lies in a comprehensive user risk management approach that addresses the problem holistically through prevention, speedy response and fast recovery.

Recent Breaches

 

Micronesia – Department of Health Services – Government 

Exploit: Ransomware

Risk to Business: Moderate: One of the four states that make up the Pacific nation of Micronesia is battling against ransomware hackers who have forced all of the computers used by its government health agency offline. On Wednesday, the Department of Health Services for the state of Yap warned the island’s 12,000 residents that a ransomware attack hit its systems on March 11. The department is working with private IT contractors and other government agencies to get services back online, determine the extent of the infiltration and figure out what data has been breached.

United States – Bank of America – Finance

Exploit: Third Party

Risk to Business: Moderate: Bank of America has alerted a group of customers about a potential data breach that may have exposed sensitive information, including personal details and Social Security numbers. The breach, which occurred on December 30, was caused by improper handling of confidential documents by a third-party document destruction service provider. While the exact number of affected accounts has not been disclosed, the exposed information could include names, financial account details, addresses, phone numbers, email addresses, dates of birth, Social Security numbers and other unique government ID data. To mitigate the impact, Bank of America is offering affected customers a complimentary two-year membership to an identity theft protection service.

Talk to a TCT team member today about implementing cyber security plan for your business.

 

Robert Brown
21/03/2025

Related Articles:
Tips for Preventing Data Breaches
Securing File Storage and Transfers