24 Nov Security Breach – 24 Nov 2023
As organisations leverage technology to enhance efficiency and connectivity, the corresponding surge in cyber risk combined with strained budgets has brought many businesses an array of cybersecurity challenges.
In response to the current fast-paced security threat landscape, most companies have deployed a wide array of security solutions to mitigate those threats. However, some significant gaps remain. Email continues to be a top threat vector, but still we find many small to medium businesses have not deployed an email security solution to secure it, instead choosing to rely on native security in cloud email platforms like Microsoft 365. But we are seeing Antivirus software and security awareness training increase for the second most implemented solution.
That’s especially surprising in terms of cybersecurity training, a low upfront cost security measure that yields high returns. Only about one-third of organisations has implemented automated software patching or a business continuity and disaster recovery (BCDR) solution.
Recent Breaches
South Korea – Samsung – Electronics Company
Exploit: Hacking
Risk to Business: Moderate: Samsung has announced a data breach that mainly impacts customers in the UK. The company admitted this week that attackers exploited a vulnerability in an unnamed third-party business application to access the personal information of customers who made purchases at Samsung UK’s store between July 1, 2019, and June 30, 2020. hackers may have accessed their names, phone numbers, postal addresses and email addresses. No financial data, such as bank or credit card details or customer passwords, were impacted.
Japan – Toyota Motor Corporation – Automaker
Exploit: Ransomware
Risk to Business: Moderate: The Medusa ransomware group is claiming responsibility for a ransomware attack on Toyota. The world’s largest automaker confirmed that its Toyota Financial Services (TFS) arm in Europe and Africa was hit, saying that it had discovered unauthorised activity on its network last week. Medusa claims to have snatched a variety of data including leasing contracts, email addresses, usernames and passwords, passport details and other sensitive data. The group is demanding an $8 million ransom.
Talk to a TCT team member today about implementing cyber security plan for your business.
Robert Brown
24/11/2023
Related Articles:
Proactive Vs reactive approaches to cyber threats
How to Improve Security Without Sacrificing Convenience?