
January's Security Round Up

Written by Will Shaw | Jan 31, 2023 1:38:12 PM

With cyberattacks affecting every sector in the last year and 2022 being plagued by digital assaults of various sizes, what can we expect in 2023 and the months ahead?

In our first cybersecurity roundup of the year, we cover some of the organisations that have already been subjected to significant security breaches. Here are some of the major incidents that have recently made headlines.

 

Royal Mail

Two weeks into the New Year, Royal Mail asked customers to stop sending mail abroad. This was due to a cyber incident that they claimed was causing significant disruption. As more information became available, it became clear that the attack was carried out by the hacker group LockBit.

As a result of the incident, the organisation was unable to send anything overseas. The impact on Royal Mail customers has been significant, with small businesses bearing the brunt. Small retailers have spoken of losing hundreds of pounds in customer and stock compensation.

Competitors have been left to clean up the mess left by this attack, compounding Royal Mail's problems as previous customers switch to other providers such as Evri, Yodel, and DPD.

On 26th January, Royal Mail stated that they were working towards resuming full operations.

Attacks on national infrastructures, such as Royal Mail, have heightened concerns about the online threats that providers face.

 

T-Mobile

T-Mobile's latest data breach exposed the personal information of tens of millions of customers.

The breach is estimated to have affected 37 million customers. Names, billing addresses, phone numbers, and email addresses are believed to have been leaked. There appears to have been no compromise of passwords or financial information. Customers whose information may have been stolen have been notified by the company.

In 2021, the operator proposed spending millions to upgrade their security systems. It does raise the question of what improvements they have made, given that this is not their first major data breach.

 

MailChimp

On 11th January, MailChimp's security team discovered a data breach within the customer support and account administration teams. The breach comes only six months after the previous one. MailChimp claimed that access to its systems was gained through a social engineering attack. Employee credentials obtained from the incident were used to access data from 133 MailChimp accounts. MailChimp acted quickly, and less than 24 hours after the first discovery, affected accounts were advised on how to safely restore access to their MailChimp accounts. This is the service's third breach in a year.

 

Arnold Clark

The ransomware group 'PLAY' has claimed responsibility for the attack on Arnold Clark, one of Britain's largest car dealerships. Information such as National Insurance numbers, passport data, addresses, and phone numbers appears to be available on the ransomware group's extortion site. In addition, bank statements and car finance documents are said to have been taken from the Glasgow branch.

The group allegedly stole sensitive, personal data and posted it online. On 3rd January, Arnold Clark issued a statement regarding the attack. In December, the company informed its customers about the attack. According to the statement they tweeted, they had protected customer data when they discovered suspicious traffic on the network on 23rd December. As a precaution, they shut down their network, causing disruption to their operations.

They have not issued an update since this statement, and the full extent of the incident is unknown. PLAY targeted a number of high-profile companies in December.

 

JD Sports

JD Sports, the UK's largest sports apparel retailer, was the latest high-profile victim of an attack in January, notifying customers on the 30th of a security breach.

After gaining access to historical data on purchases made between November 2018 and October 2020, attackers stole the personal information of approximately 10 million people. Full names, billing and home addresses, phone numbers, email addresses, purchase information, and the last four digits of a payment card were all stolen. JD's subsidiaries were also affected, including Size?, Millets, Blacks, Scotts, and MilletSport.

JD stated that the attackers would not have obtained full payment card details because the company does not store full card numbers. However, the company warned customers to be on the lookout for suspicious communications from JD or any of the other brands affected. Potential fraudsters could use the stolen information in phishing or social engineering attacks.

 

What’s the outlook for cybersecurity in 2023?

Along with the tech industry, the cybersecurity industry has suffered in recent years. With skyrocketing interest rates, the threat of a recession, pandemic aftershocks, and the invasion of Ukraine, it would have been impossible not to be affected.

The UK's National Cyber Security Centre will open a ransomware hub in March 2022. It was created in response to an increase in ransomware attacks in the United Kingdom. The hub aims to support organisations in improving their own resilience and offers advice on how an organisation's response to, and recovery from, a ransomware attack significantly affects the impact of an incident.

Cybersecurity is a must, and with the continued onslaught of cyberattacks, it is more important than ever for businesses to secure their networks.

Are passwordless biometric systems a part of the solution? Do employees need more training to recognise the tell-tale signs of phishing campaigns? There is no one-size-fits-all solution. Businesses must continue to strengthen their security measures as ransomware groups find new ways to infiltrate private data.

We advise all businesses to implement layered security. These attacks could happen to any organisation, so strong defences are always recommended.

Look out for the next cybersecurity round-up in the coming months.