Security Breach – 3 May 2024

Dark Web Monitoring

Security Breach – 3 May 2024

The dark web is a hotbed for illicit activities and clandestine transactions, from employees selling access to initial access brokers to bad actors selling stolen identities – and the advent of artificial intelligence (AI) assisted cybercrime is giving this already booming economy a push to new heights.

This makes the dark web a significant threat to individuals and organisations alike.

There are a wide variety of threats that businesses face from information and activity rolling around on the dark web. However, there are things that businesses can do to limit their risk. In the ongoing battle against cybercrime, a crucial tool has emerged: Dark Web Monitoring. This tool is essential for protecting businesses’ data and systems from today’s dangers including today’s biggest dark web threats.

Recent Breaches

 

Australia – Ambulance Victoria – Emergency service

Exploit: Data Breach

Risk to Business: Moderate: Victorian paramedics have been ensnared in another apparent privacy breach, with a union declaring staff members’ mobile phone numbers were exposed. The Victorian Ambulance Union was notified the personal mobile phone numbers and rostering status of Ambulance Victoria staff was accessible to the workforce through an intranet page. The union has been informed the page has been temporarily taken down but it wants all mobile phone numbers completely removed, affected staff told and an audit into how long the information was accessible for. 

United States – District of Columbia Department of Insurance, Securities and Banking (DISB) – Government Agency

Exploit: Hacking (Supply Chain)

Risk to Business: Extreme: The LockBit cybercrime group says that it gained access to the network of the District of Columbia Department of Insurance, Securities and Banking (DISB) and snatched sensitive data. The gang claims to have stolen 800 GB of sensitive financial data including files pertaining to the U.S. Securities and Exchange Commission (SEC), Delaware banking institutions and other financial entities as well as DISB operations. The data was likely obtained from DISB’s STAR system client in late March 2024 which was maintained by Tyler Technologies. The incident is under investigation.

Talk to a TCT team member today about implementing cyber security plan for your business.

Robert Brown
03/05/2024

Related Articles:
10 Tips to Help Small Businesses
Reducing Cloud Waste at Your Business