It may be peak holiday season for many, but that hasn't stopped cybercriminals from working. Here are the most recent cybersecurity breaches in August 2023. Let’s begin with the Electoral Commission.
UK democratic processes and institutions are a target for cybercrime, as evidenced by the Electoral Commission's recent announcement that they were victims of a complex cyber-attack that was first identified in October 2022.
The incident was discovered after suspicious activity on the regulator's system was detected. Since then, the Commission has worked with outside security experts as well as the National Crime Agency (NCA) to investigate the incident and secure its systems.
The Commission stated that hostile actors gained access to reference copies of electoral registers held by the Commission for research and political donation checks.
The registers at the time contained the names and addresses of anyone in the United Kingdom who had registered to vote between 2014 and 2022, the names of registered overseas voters during the same period, and the names and addresses of registered Northern Irish voters in 2018.
During the attack, the Commission's email was also accessible.
Shaun McNally, Chief Executive of the Electoral Commission, has issued an apology to all those affected by the incident and provided additional information about the steps taken since the attack. The full statement can be found here.
The Metropolitan Police revealed that unauthorised access was gained to one of their suppliers' systems. The NCA has been notified of the incident. The system accessed is said to have contained officers' and staff's names, ranks, photos, vetting levels, and pay numbers, but no addresses, phone numbers, or financial information.
The investigation into whether these details were accessed is still ongoing. As of now, the Met is unable to provide a date for the breach or the number of employees affected by the event.
Rick Prior, Vice Chair of the Met Police Federation, has stated since learning of the breach:
In keeping with the theme of large organisations, councils have demonstrated that they are not immune to attack. A ransomware attack on St Helens Council's IT systems and networks was first detected on Monday, 21st August.
The attack, which has affected some of the Council's internal systems, is being investigated by experts. The incident is said to be evolving and complex, and the council has urged residents to remain vigilant and on the lookout for any online scams or emails in the coming weeks, particularly any communications claiming to be from the council.
The council has now put several security measures in place to keep their IT networks safe, and they are still providing council services through their website.
Moving away from the public sector, Swan Retail, an IT supplier, was hit by a cyberattack in the middle of this month that affected over 300 independent retailers.
The incident was discovered on Sunday, 13th August, and is said to have caused technical issues with some of the back-office systems.
Fashion, department stores, furniture and garden stores, pet stores, sports outlets, and outdoor organisations are among the retailers affected.
This month, the globally popular language learning app Duolingo suffered a data breach, with the data of 2.6 million Duolingo users leaked onto breach forums. Names, email addresses, phone numbers, social media information, and the languages the users were studying at the time of the breach are said to have been leaked.
It is estimated that one-third of the compromised data is from US accounts. Hackers allegedly obtained data access by scraping Duolingo's database via an exposed API.
The incident was first reported in January, but it was not known that email addresses had been obtained until they were recently listed for sale in hacking forums. The most serious concern now is phishing email attempts to the exposed users' email accounts.
As we near the end of this month's roundup, we couldn't help but mention the disastrous data breach that affected Northern Ireland's Police Service. Although the data was leaked by mistake rather than through an attack, the consequences of such a data leak can be just as devastating.
The monumental breach has compromised the data of approximately 10,000 police officers in Northern Ireland. Surnames, initials, ranks, work locations, and departments are said to have been included in the data.
John Edwards of the Information Commissioner's Office has stated:
“Following the report received from the PSNI, we are investigating the matter. Whilst this is a matter of serious concern, we do not yet know the extent to which the personal information was accessed during the time it was exposed. We are working with the PSNI to establish the level of risk and mitigations.” Read the full statement here.
Since the breach, individuals have been detained under the Terrorism Act.
Data breaches, whether malicious or unintentional, have a negative impact. All the incidents discussed in this article emphasise the importance of stringent cybersecurity measures in any organisation.
Contact the Brigantia team if you'd like to discuss your cyber security requirements.