April saw more than 14 million records breached across 80 incidents, and was also a month with many attacks that affected business systems without necessarily impacting data security.
The National Cyber Security Centre releases annual cyber breach survey results
Each year, the National Cyber Security Centre releases a research study of UK cyber breaches, focussing on knowledge to build resilience. According to this year’s report, in the last twelve months:
💻 39% of businesses identified a breach
🎣 83% of attacks were phishing scams
📆 31% of companies reported that they were attacked at least weekly
💷 The average cost to an SME was £4,200 and £19,400 to a larger business
❌ One in five businesses reported a direct negative impact resulting from a breach.
UK Foreign Office data published on Russian sites
An urgent investigation was launched by the UK Government, after the personal details of UK officials were published on Russian social media sites. The scale of the breach was initially unknown, but it emerged that the government was the subject of a suspected hack from a UAE-based group, using Israeli-made technology, Pegasus.
The Works forced to close outlets
A cyberattack on British stationary retailer The Works took a number of stores offline due to till issues, in addition to preventing the distribution of stock to stores, and deliveries to customers. While it was not initially clear the full extent of the breach, The Works did notify the Information Commissioner’s Office as a precaution, but it appears that the attack was limited to a small number of business systems and did not affect any data privacy or security. The Works later issued a statement confirming that their card and customer data is processed by a third party and was not affected in the attack, and that the extent of the attack was limited, without an expected impact on their operations or profits.
British Army confirms recruitment portal is offline
It was revealed in April that the British Army’s recruitment portal had been offline for over a month, after it was taken offline following a data breach. The data of 124 potential recruits was found for sale on the dark web, leading to a shut down of the system as a precaution while an investigation happened. The ICO was notified, but concluded that no further action was required currently, while the Army continues to rely on more traditional methods of contact including phone calls.
Google removes apps for data breaches
In early April, Google removed more than a dozen apps from its Play store after it was identified that the apps were secretly harvesting personal data including phone numbers. The apps themselves were typically innocuous and used for helpful purposes including weather apps and QR code readers, some of which had been downloaded more than 10 million times. The report serves as an important reminder that just because something can be accessed through reputable channels, doesn’t mean it has to be reputable itself. Be careful what you download and do your checks first.
Funky Pigeon suspends ordering
Digital retailer of greetings cards, Funky Pigeon, which operates from the Channel Islands and is owned by WHSmith group, was forced to suspend ordering and take down its website following a cyber incident. The attack affected systems belonging to the business, but in a statement issued by WHSmith, it confirmed no personal data was breached.
Home Office apologises after visa breach
The Home Office was forced to apologise for a data breach after an email was publicly copied to more than 170 email addresses. Some of the addresses were private Gmail addresses, while others were business addresses for law firms. In an interview with The Guardian, Naga Kandiah of MTC Solicitors, one of the recipients of the email, condemned the data breach. He said: “If the Home Office wishes to outsource biometric appointments to a third-party company they have to ensure that their partner is providing a service which is both legally compliant and good value for money. UKVCAS are charging far in excess of what was previously paid for an appointment at the Post Office yet the product is inferior. For such a high price clients do not expect GDPR breaches or loss of data.”.
Report highlights the prevalence of personal data breaches
A report by law firm RPC identified that more than 42 million people in the UK had their financial data compromised by hackers last year, a rise of 1,777% compared with the 2.2million records in 2019/20. In large part, the spike is due to the significant rise in ransomware attacks, but ultimately highlights both the level of responsibility required from businesses who process personal data, in addition to the importance of individuals monitoring the use of their data.
Russia-Ukraine conflict continues digitally too
Despite typically avoiding political discussion, it would be remiss of us to do a monthly round-up without mentioning the ongoing conflict in Ukraine. It was this month reported that China may have been behind a state-sponsored hack of Ukraine just days before the conflict broke out, while stories emerge of retaliation hacking too. Hacktivist group Anonymous claimed credit for hacking a Russian Orthodox Church, while Russia’s Air Transport agency was also affected by attacks. This is just a handful of ongoing hacks, but the prevalence of cyber warfare has led to many Governments and agencies warning businesses of the need for increased vigilance, and we encourage readers to view our MD Claire Maddox’s guide too.
Texas Department of Insurance (TDI) reports 1.8million data breach
In March, TDI confirmed a data breach had taken place in January, and this month the extent of the breach has been revealed. The Data Security Breach Reports from the Office of the Attorney General identified that approximately 1,800,000 Texans have had their data breached. The breach exposed people’s name, address, social security number information and medical information according to the report, making it one of the single biggest breaches so far this year.
Owners of Cash App confirm data breach by former employee
In a report to the Securities and Exchange Commission (SEC) at the beginning of April, Block, parent company of popular app Cash App, confirmed a data breach via a former employee. The employee in question had historic access to a large number of customer reports, but later accessed the reports after termination of their employment. It is not yet clear how many customers have been affected, but Cash App is contacting all 8.2 million customers, confirming that some have been involved in a breach of their full names and brokerage account numbers, as well as brokerage portfolio value, brokerage portfolio holdings, and stock trading activity for one trading day. It is an important reminder of the human factor in cybersecurity, and the importance of proper user management and activity management too.