There has been a big jump in the number of breaches recorded in July compared with June, with 33,727,641 breaches recorded and 86 security incidents in July 2021. That makes the overall total of security incidents stand at 815 and the total number of breached records at 3,980,757,735.

Oxford City Council Data Breach

Oxford City Council has apologised to residents after a ‘computer error’ caused a data breach of rent statements. The council only clicked that there was a problem when locals raised the alarm of the potential breach after receiving the wrong rent statement in the post. One resident said “I received a letter that was addressed to my address but not with my name. I mistakenly did not read the name just opened it and it was a ‘Statement of Main Rent Account’. It had another person’s name on it, their reference, their payments and dates, and their address.”

The issue is said to have occurred after a new computer system was installed, that supports the council’s landlord services to its 7,800 council homes. The council swiftly asked residents to destroy any letters with the wrong information and confirm they had not shown anyone. 80 homes were known to be affected, but they are still verifying the number. The council said it is currently taking ‘immediate steps’ to rectify any errors, with staff manually overriding the system to check statements, while working to resolve the underlying data issue. The council has written to tenants affected to offer apologies for any concerns or inconveniences the error caused.

National Lottery Community Fund Data Breach

This month it was discovered that a data breach within the National Lottery Community Fund has put 6 years of bank and contact details at risk, and potentially exposed contacts to fraudulent behaviour. National Lottery has apologised that the details provided between September 2013 and December 2019 by UK Portfolio, England funding and Building Better Opportunities customers were breached. However, they are refusing to reveal how the data was breached or what organisations and how many people it has affected. They confirmed that the data breached was only in England.

The National Lottery say it is an ongoing investigation and would update its website once it had confirmation of the investigation. Customers affected have been asked to change passwords on their accounts, look out for phishing emails or fraudulent activity on their bank account and consider running a credit check against their name and address to help identify any fraudulent applications being made in their name.

New Skills Academy Data Breach

Online learning provider New Skills Academy suffered a major data breach with account information of customers exposed to unauthorised sources. The number of accounts affected is still unknown, but the information taken includes usernames, email addresses, and encrypted passwords. Credit or debit card records were not accessed in the breach. New Skills Academy has contacted all account holders regarding the breach and has advised them to change their passwords. They are still investigating how this breach has happened.

Giant Telecom Company hit by REvil Ransomware Gang

MasMovil, a Spanish giant telecoms company, has been hit by a big ransomware attack this month. REvil ransomware gang is claiming to have downloaded databases and important data belonging to the telecoms company. MasMovil is the latest victim of the famous gang, which has attacked a large company every month this year so far. REvil proved the hacking by sharing screenshots of the stolen MasMovil data showing folders named Backup, RESELLERS, PARLEM, and OCU, etc. The attack structure of the REvil ransomware operator follows the same modus operandi as other ransomware groups such as breaching the security of its target, stealing data and locking the files on the victim’s system and demanding ransom payment for decrypter key/tool. Remember to back up data and patch your computer often.

Swedish Coop Supermarkets Ransomware Cyber-Attack

500 Coop supermarkets in Sweden had to be shut due to an ongoing “colossal” cyber-attack affecting organisations around the world. Its point-of-sale tills and self-service checkouts stopped working after being hacked. The supermarket was not itself targeted by hackers, but is one of a growing number of organisations affected by an attack on a large software supplier the company uses indirectly. Cyber researchers say about 200 businesses have been hit by this “colossal” ransomware attack, which had mainly affected the US. It is believed that the Russian ransomware gang REvil is responsible for this attack, they are one of the most prolific and profitable cyber-criminal groups in the world.

The attack was actually targeted at the group KIesaya and they supply The Coop as their software provider. The case highlights the growing concern in the cybersecurity world about so-called supply chain attacks where hackers are able to claim multiple victims by attacking their supplier. The US Cybersecurity and Infrastructure Agency has said that they took swift action to address to the attack and urged users of the Kesaya software to shut it down.

CNA Reports Data Breach After Ransomware Attack

One of the leading US-based insurance companies, CNA Financial Corporation, had to notify customers of a data breach following the Phoenix CryptoLocker ransomware attack that happened in March. CNA provide a wide range of insurance products including cyber insurance policies, to individuals and businesses across the US, Canada, Europe, and Asia.
Between the 5th-21st March the attackers accessed several CNA systems at different times, including taking customers information such as names and social security numbers, before deploying the ransomware. The attack has affected over 75,000 people. In July CNA finally recovered customers’ information and have contacted those affected. Systems are now fully back to normal, but it does show how long it can take to recover information and get systems back up and running, if a big attack occurs. It is always good to have a plan B if systems cannot get back and running quickly.

Covid-19 Scammers

Being invited by the NHS to receive the Covid-19 vaccine is a great relief for many of us. However, for some it was the start of an ordeal that has cost people all over the UK more than a third of a million pounds. Sioban Moore, from North Yorkshire, escaped disaster by a whisker after receiving an email, supposedly from the NHS, inviting her to get her jab. The email said she had to respond within 12 hours or her opportunity would go to someone else. Without thinking she clicked the link and accepted the invitation for the vaccine, she entered in her personal details – date of birth, phone number, email address – and her bank details. “The penny dropped” she exclaims. Sioban found the reasoning for this request for her bank details strange, but believable, as the scammers said this was to cover any costs that might be incurred by the vaccine process. Fortunately, she never entered in her bank details and didn’t lose any of her money, but many others carried on and have been taken in by these scams. These scams led to the loss of at least £388,468.44 from victims.

People and human error are always the weak link in the cyber security chain, which is why cyber training is essential. Call 01453 700 800 and ask us about our regular cyber training to help your employees be a great line of defence.

Home car charger owners urged to install updates

Security researchers have discovered failings in two home electric car chargers. The research showed that the chargers could be switched on and off remotely, hackers could remove the owner’s access, and were able to show how a hacker could get into a user’s home network. The car charger faults have now been fixed due to this research, but owners are still being asked to update their apps and chargers, to be safe.

It comes as proposed new legislation on cybersecurity for appliances – including chargers – is published. Two home chargers, Wallbox and Project EV – both approved for sale in the UK by the Department for Transport – were found to not have acceptable security when used with an accompanying app for smartphones. The researchers also discovered that it was possible for hackers to gain access to the home network if the car charger was connected to the WIFI.
Before the report and findings were published the two firms were given the opportunity to fix the problems which are now being sorted.

Firearms Dealer Data Breach

There has been a big ‘security breach’ in July at Guntrader.uk, a leading website for buying and selling shotguns and rifles. Thousands of names and addresses of UK customers have been published to the dark web. As soon as the company realised, they informed the Information Commissioner’s Office and the Police, including the National Crime Agency, are now investigating.

Owning a gun in the UK is very strict and tightly controlled, which makes them hard to get, and therefore valuable on the black market. A gun owner, who did not wish to be named has said the attack “seriously compromises my security arrangements for my firearms and puts me in a situation where me and my family could be targeted and in danger.”

Around 100,000 customers have been affected with their records stolen, but it is said that no information about gun ownership or the location of customers’ guns was taken. Those with stolen data are being asked to keep an eye out and take care around home security. The British Association for Shooting and Conservation (BASC) is urging its members “to be vigilant around home security” following the breach, as the customers data was listed on a hackers website before being taken down by the Police.

Lazarus Gang targets Engineers

Engineers who work in the defence industry have been targeted by a hacking group according to security researchers at AT&T Alien Labs. For the past few months, these engineers have been receiving malicious emails that use the disguise of a job offer to target defence contractors in the United States and Europe. Included in this email was a word document containing macros that put a nasty code onto a victim’s computer or system. This code makes changes to the computer’s settings in an attempt to avoid detection.

The security researchers believe that is email security breach was the work of Lazarus Group, a North Korean linked hacking gang that has been blamed for the 2014 attack on Sony Pictures, and the theft of $81 million from the Bank of Bangladesh in 2016, amongst other attacks. Lazarus Group was posing as engineering firms and sending emails with opportunities from the likes of Airbus, General Motors, and military contractor Rheinmetall.

Microsoft Office has told those who’ve received an email and clicked on the word document that they have disabled the macro content, but because the email pretends to offer a career opportunity the attackers are banking on recipients overriding the security warning and allowing the malicious code to execute. If you receive a job opportunity, make sure that it actually come from the firm themselves.