24 Jan Security Breach – 24 Jan 2024
Supply chain cyberattacks are among the most pressing threats businesses face today. Cybercriminals have discovered the value of targeting key points in the complex tapestry of suppliers, manufacturers and service providers that power global commerce. Over the past year, an estimated 40% of business cyberattacks originated from vulnerabilities in the supply chain. However, businesses can take a few proactive steps to reduce the risk posed by their suppliers, vendors, partners and service providers. Defending against supply chain cyberattacks requires a commitment to continuous improvement, collaboration and investment in advanced technologies. By implementing these strategies, businesses can not only mitigate dangerous cyberthreats that may impact their operations but also foster stronger relationships with partners who share their commitment to cybersecurity. In an era where supply chain attacks are growing more frequent and sophisticated, proactive defence is the only viable path forward.
Recent Breaches
Russia – Roseltorg – Government (Quasi-Government Body)
Exploit: Hacking
Risk to Business: Severe: Roseltorg, Russia’s primary electronic trading platform for government and corporate procurement, confirmed a cyberattack on its systems after initially attributing outages to “maintenance work.” The attack, claimed by the pro-Ukraine hacker group Yellow Drift, reportedly resulted in the deletion of 550 terabytes of data, including emails and backups. While Roseltorg stated that its data and infrastructure have been restored, its website remains offline and trading systems are yet to resume full operations. The breach has disrupted clients, including government agencies and suppliers, raising concerns about financial losses and delays in procurement processes. Yellow Drift shared screenshots of the compromised infrastructure as proof of the attack.
United States – Bank of America – Retail & eCommerce
Exploit: Hacking
Risk to Business: Severe: Bank of America filed a data breach notice with the Attorney General of Massachusetts after discovering unauthorized access to a third-party vendor’s systems on October 1, 2024. The breach exposed sensitive information about certain loan customers. The potentially exposed data includes names, addresses, passport numbers, phone numbers, Social Security numbers and loan numbers. BofA has since sent notification letters to affected customers, detailing the breach and its impact.
Talk to a TCT team member today about implementing cyber security plan for your business.
Robert Brown
24/01/2025
Related Articles:
Can Password Managers Be Hacked?
Essential Tips For Cyber Hygiene in 2025