Shane Chambers No Comments

Many SolarWinds Customers Still Exposed Online, Despite Well-Publicised Breach

IT management software giant Solarwinds were the victims of what is believed to be one of the largest cyber attacks yet late last year, sending shivers down the spine of much of the tech world. The attack breached SolarWinds monitoring tool Orion, which allowed the hackers to deliver malicious updates to unsuspecting users of the tool for several months.

Now, two months after the breach was discovered, an alarming number of SolarWinds customers still have vulnerable Orion servers exposed to the internet.

SolarWinds, a behemoth IT management solutions provider with over 300,000 customers, was revealed to be the target of a major cyber attack in December 2020.
Read more
Shane Chambers No Comments

BA Ends up With £20 Million Fine for 2018 Data Breach

British Airways now hold the dubious honour of receiving the highest data protection fine that the UK has ever seen, after the Information Commissioner’s Office (ICO) handed down a record-breaking £20 million fine. The fine could have been much heftier, however, as the ICO fine was originally slated at well over £150 million. BA negotiated to have to fine reduced on the back of several factors, including how the Covid-19 pandemic has affected their industry and business and the conduction of a more thorough review on how the 2018 incident occurred from a technical standpoint.

The £20 million BA fine is currently the highest ever recieved in the UK for a data breach.
Read more
Shane Chambers No Comments

Irishman Arrested for Running Website That Sold Stolen Credentials

A man from Fermanagh has been arrested along with a Dutch national (both aged 22) for their part in running the illicit credential marketplace WeLeakInfo. A joint collaboration between law enforcement in the UK, Northern Ireland, Germany, the US and the Netherlands was kicked off in the summer of 2019, with the site alleged to have over 12 billion credentials for sale, from various nefarious sources.

The domain seizure notice displayed on the website weleakinfo.com after the operation.
Read more
Shane Chambers No Comments

Personal Data for Billions of Users Exposed Online in Three ‘Combo Lists’ Discovered This Month

It’s a scary time to be an internet user, with three huges troves of user data recently discovered to be exposed online; opening users up to phishing emails, spam and even credential stuffing attacks.

Cyber criminals use ‘credential stuffing’ to gain unauthorised access to websites that were never breached, using previously hacked passwords
Read more
Shane Chambers No Comments

First Large GDPR-Era Fine Handed Down to British Airways (£183m)

In a move that is likely to shock corporations in Europe and beyond, the Information Commissioner’s Office (ICO) has fined British Airways (BA) just over £183 million, due to a 2018 data breach in which personal data belonging to 500,000 of its’ customers was compromised. The move marks the first large fine handed down to a company since the General Data Protection Regulation (GDPR) took effect in May of last year and, shockingly, was less than 50% of the maximum fine that the ICO could have set for BA.

In 2018, British Airways suffered a breach that exposed credit card info, names, addresses, travel details and login credentials for 500,000 customers
Read more