09 Feb Security Breach – 9 Feb 2024
In the ever-evolving landscape of cybercrime, 2023 marked a significant milestone, albeit not one to celebrate. Data breaches soared to unprecedented levels, reaching a new record high that sent shockwaves through industries and individuals alike. In 2023, as cybercrime of all kinds experienced explosive growth, the world witnessed a staggering surge in data breaches across various sectors, including finance, healthcare, retail and government.
Businesses should be deeply concerned about a new record number of cybercrime due to the significant implications they pose for both their operations and reputation. Data breaches not only jeopardise sensitive information, including customer data and proprietary business secrets, but they also inflict financial losses. The erosion of consumer trust resulting from a breach can have long-lasting repercussions, leading to diminished brand loyalty and decreased revenue streams. Beyond immediate financial impacts, businesses face long-term challenges in rebuilding their credibility and implementing robust cybersecurity measures to safeguard against future breaches.
Australia – Football Australia – Sports Governing Body
Exploit: Human Error
Risk to Business: Severe: Football Australia (FA) has experienced a data breach as a result of a blunder. A developer inadvertently left a crucial server reference in code accessible to the public, leaving a huge treasure trove of information open for the taking. The information exposed may include players’ contracts containing data like personally identifiable information and passport scans. Fan data associated with ticket purchases and information about the FA’s digital infrastructure was also exposed. Researchers discovered the 27 AWS buckets of exposed data, which have been available since early January 2024. FA said that it has informed the Office of the Australian Information Commissioner (OAIC) about the breach.
United States – AnyDesk – Technology Company
Risk to Business: Extreme: AnyDesk confirmed that it has experienced a cyberattack that resulted in hackers gaining access to the company’s production systems. Anydesk, makers of a popular remote desktop access solution, discovered the intrusion last Friday. The company ultimately determined their systems had been compromised. The threat actors stole source code and code signing certificates. AnyDesk says they have revoked security-related certificates and remediated or replaced systems as necessary. The company was quick to reassure customers that AnyDesk was safe to use and that there was no evidence of end-user devices being affected by the incident. Ransomware was not involved.
Talk to a TCT team member today about implementing cyber security plan for your business.