Security Breach – 26th May 2022


Security Breach – 26th May 2022

What do ransomware, business email compromise, whaling and account takeover all have in common? They frequently begin with a phishing email. That’s an important reason why email security is an essential component of your organisation’s defence.

An estimated 84% of businesses were the victims of a successful phishing attack in 2021. Even worse, about 59% of organisations that fell victim to a phishing attack were then infected with ransomware, and that’s not something that any company can afford to face. But by making smart choices about email security, you can reduce your organisation’s risk of trouble.

Strong, effective email security isn’t expensive either. A combination of affordable solutions including automated email security that leverages AI and security automation, plus comprehensive security awareness training that includes phishing simulations helps organisations mount a strong defence that reduces the risk of falling victim to a phishing-based cyberattack.

Recent Breaches

Chicago Public Schools – Regional Education Agency

Exploit: Supply chain risk

Risk to Business: Severe: Chicago Public Schools is facing a big breach of student data after a technology vendor experienced a data security incident. CPS has disclosed that it was recently informed that an unauthorized access incident took place at Battelle for Kids in December 2021. In that incident, a server that housed four years’ worth of personal information about students and staff from the 2015-16 through 2018-2019 school years was breached. Officials say that no Social Security numbers, no financial information, no health data, no current course or schedule information, no home addresses and no course grades, standardized test scores, or teacher evaluation scores were exposed in this incident. 

Risk to Exploited Individuals: Severe: The improperly accessed data included students’ names, schools, dates of birth, gender, CPS identification numbers, state student identification numbers, class schedule information and scores on course-specific assessments used for teacher evaluations. Employee data included names, employee identification numbers, school and course information and emails and usernames.

Customers Impacted: School system databases are popular targets because they often hold big stores of information.

Singapore –  Nikkei Business Publications

Exploit: Ransomware

Risk to Business: Moderate: Asian publishing giant Nikkei has disclosed that the organization’s headquarters was hit by a ransomware attack on May 13, 2022. The company, the publisher of several business and technology magazines, said that it is still investigating the incident and has not yet determined if bad actors accessed customer data. Officials in both Singapore and Japan have been notified

Risk to Exploited Individuals: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

Customers Impacted: More than half of APAC organizations experienced a cyberattack in 2021.

Talk to a TCT team member today about implementing cyber security and phishing training plan for your staff.

Robert Brown

Follow us on LinkedIn: 

Related Articles:
Ransomware considered top threat to financial sector
Australians lost $851m to scams in 2020