Security Breach Update
6 March 2020

Human Error is a Top Cause of Data BreachesHuman Error is a Top Cause of Data Breaches

Companies face cybersecurity threats on many fronts every day, but human error may be the most pervasive – and the most preventable. A 2019 study analysing data from the UK’s Information Commissioner’s Office found that human error played a role in 90% of data breaches last year. This represents a significant increase from just two years ago, when only 61% of breaches were attributed to human error.

The study concluded that phishing scams were the primary cause of breaches with unauthorized access to systems ranking a close second. However, the study’s authors were also quick to point out that while employees represent a noteworthy data privacy risk, they can also serve as a critical defense against cybercriminals.

When equipped with the right tools, like phishing scam awareness training, employees can be transformed from a potential weak point into a crucial asset in the fight against cybercriminals and fraud.

Recent Breaches

Australia – Manheim – Wholesale automotive retailer

Exploit: Ransomware

Risk to Small Business: Severe: A ransomware attack has disrupted Manheim’s computer systems and workflows. Although the company can operate in a limited capacity, the company will still incur high costs to decrypt their hardware and update their cybersecurity standards plus unrecoverable productivity losses. At the same time, ransomware attacks can cause significant reputational damage, ensuring that the company will grapple with the fallout for much longer than hackers hold their systems hostage.

Risk to Exploited Individuals: At this time, no personal information was compromised in the breach.

Customers Impacted:  Unknown

Australia – Natonic – Health and beauty product retailer

Exploit: Malware attack

Risk to Small Business: Severe: Security researchers have identified payment skimming malware on Natonic’s online store. The script appears to be related to MageCart, a prominent hacking group that steals customers’ personal and financial data by injecting malware into online stores. Although security researchers confirmed that the script is no longer active on Natonic’s webstore, the attack could have costly implications for the retailer – consumers may be less likely to shop with an online retailer with a history of data security issues.

Risk to Exploited Individuals: Severe: Payment skimming malware tricks customers into entering their payment information at checkout then sends that information to the cybercriminals instead of the retailer. While it’s unclear what information was compromised in this breach, shoppers should assume that any information entered on the webstore could be impacted. Users should notify their financial institutions of the breach while taking additional steps to secure their accounts and personal details.

Customers Impacted:  Unknown

Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
06/03/2020

Follow us on LinkedIn:

Related Articles:
Cybersecurity Tips for Your Remote Workers
Ransomware attacks are causing more downtime than ever before

Written by