Security Breach– 29 Oct 2021

Delete accounts

Security Breach– 29 Oct 2021

Cyberattacks stress out consumers & employees. I have to totally agree as when Canva suffered their massive data breach, I was so concerned, I immediately unsubscribed and decided to delete my account with them.

No company ever wants to experience a cyberattack, let alone have hundreds of their customers delete their accounts, plus handled the the roller-coaster ride of incident response and recovery. But an increasing number of companies are finding themselves on that path as cybercrime numbers reach new records.

But when businesses consider the cost of a cyberattack, they may not be considering costs that are harder to quantify like damaged consumer sentiment, reduced new business prospects and lowered employee performance.

Yet these factors could have a serious impact on a company’s future in the wake of a cyberattack. What are you doing to ensure your customers and staff are safe and secure?

Recent Breaches

United Kingdom – Tesco – Supermarket Chain

Exploit: Hacking

Risk to Small Business: Severe:  Ubiquitous UK supermarket chain Tesco left customers scrambling after a cyberattack disrupted its web services over the weekend. The company said that unnamed cyberattacks began impacting its systems on Friday night. Beginning Saturday and rolling into Sunday intermittently, shoppers were unable to place orders or track deliveries. The incident also impacted the Tesco app.

Risk to Exploited Individuals: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted:  Unknown

Taiwan – Gigabyte – Computer Hardware Manufacturer

Exploit: Ransomware

Risk to Small Business: Severe: Motherboard manufacturer Gigabyte was clobbered with a ransomware attack last week The ransomware group Avos Locker clobbered the company in a SolarWinds-style supply chain attack. The gang posted samples of the purportedly stolen data on its leak site including confidential details regarding deals with third-party companies and identifiable information about employees. Researchers from ThreatPost were able to view an assortment of data in a 14.9 MB file entitled “proof.zip”containing confidentail data on agreements with Gigabyte relationships including Amazon, BestBuy, Black Magic, Blizzard, Intel and Kingston.

Risk to Exploited Individuals: Severe: Researchers also noted that some employee and applicant information is included in that file. Researchers spotted employee payroll details, passport scans CVs of applicants, human resources files, consulting agreements, credit card data from 2014 and images from company events.

Customers Impacted:  Unknown

Our locally based teams in Sydney, Melbourne and Horsham provide our clients with timely and specialised knowledge, letting you focus on running your business.

Protect your data and systems by implementing a solid cybersecurity plan today. Talk to a TCT team member today and we can show you how.

Robert Brown
29/10/2021

Follow us on LinkedIn:

Related Articles:
Passwords are serious business. How serious?
Getting the right advice on Cybersecurity is critical