Security Breach Update
20 September 2018

Gold BarsThis week’s report is a little closer to home, with the Perth Mint being breached.

While the incident is still under investigation of how the hackers breached the third party application for trading gold and other precious metals, it goes to show, that no business is immune to being compromised.

Another major breach reported this week is the hacking of British Airlines. While this was a targeted attack by the same group that hacked Ticketmaster early this year. Thousands of names, addresses, email addresses, and sensitive payment card details were all compromised.

Recent Breaches

Australia – The Perth Mint – The Mint was breached via a third – party provider.
Exploit: Under investigation.
Risk to Small Business: Severe: A breach with sensitive data such as account information can deal a significant blow to customer trust.
Risk to Exploited Individuals: Severe: The victims of this breach are at risk of identity theft.
Customers Impacted:  13

United Kingdom – British Airways – A UK based airline.
Exploit: Cross-site scripting.
Risk to Small Business: Severe: This was a targeted breach by a group that is linked to the Ticketmaster breach, the extent and type of data accessed could erode customer trust.
Risk to Exploited Individuals: Severe: Those affected by this breach have a much higher risk of identity theft.
Customers Impacted:  380,000 payment cards.

There is a reason to keep your mobile devices operating system up to date. Millions of mobile devices are vulnerable to Bluetooth exploits, with an almost half of the devices being Android phones running older versions of the operating system.

This vulnerability can be used to facilitate ‘Airborne’ attacks, which allow Bluetooth devices to broadcasts malware to other devices in close proximity. This is significant because BlueBorne, a malware exploiting this vulnerability, does not need to pair with a device to infect it… in fact the target device does not even need to be in discoverable mode.

The BlueBorne vulnerabilities exist in Bluetooth implementations in Windows, Android, Linux, and iOS before Version 10. The flaws allow attackers to take complete control of vulnerable devices, steal data, distribute malware on them to conduct man-in-the-middle attacks, and spy on users.

We suggest upgrading your mobile device to a newer model if over 5 years old, and to keep operating systems upto date.

The threat landscape is always changing, which is why it is important for every organisation of every shape and size to have robust cyber security policy.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
20/09/2018

Follow us on LinkedIn:

Related Articles:
Scammers Collect 2.3 Million
Cyber 360 – Our Answer to the Threat Landscape

Written by