Cloud Backup

We`re just sending through your details

Please give us a few moments whilst we get your account ready.


Mayday, mayday, we’ve been hit with a data breach

Mayday, mayday, we’ve been hit with a data breach

posted in Disaster RecoveryDisaster Recovery ● 3 Oct 2014

In recent months, technology giant IBM accidentally sent their own customers Malware, the Metropolitan Police Force gave away contact details of gun users in the UK and mobile operator Three, failed to control access to customer’s personal details and account details by third parties.

All three of these companies should know better when it comes to the risk of a data breach but it goes to show that all companies are at risk of data breach and should be doing more to combat this risk, especially with GDPR on the horizon.

GDPR is The General Data Protection Regulation and comes into force in Europe in May 2018 but will have a global effect.

In IBM, we trust

Although IBM were most likely one of the first companies to have ever experienced and learnt from a data breach, it seems not even they can avoid a slip up every now and then. This week, IBM have made users aware that USB flash drives containing the initialisation tool for some of their Storwize systems “contained a file that has been infected with malicious code”. It is not yet known how many customers may have been affected by this but IBM had been actively distributing the software unknowingly putting their own customers at risk.

Policing data breach

While data breach isn’t usually an area the Metropolitan Police Force would be involved in, leaving that up to the ICO, they are now. For the wrong reasons.

The Data Protection Act in the UK ensures that personal data such as your name and home address must be handled in a safe and secure way. So, when the police are accused of selling or giving away this information for 30,000 people it’s clear that something has gone wrong. In addition, the fact that these 30,000 people are legal gun owners gives, even more, reason for concern.

Three’s a charm

Three are no stranger to data breach having had data for more than 130,000 of their customers compromised by cyber-criminals less than 6 months ago. So being back in the news for another data breach should be a worry.

This time around, customers were presented with each other’s names, numbers and call history when attempting to log into their accounts. According to a spokesperson, “no financial details were viewable” and they will be “investigating the matter”.

Reducing the risk of data breach

Data breach and data loss are costly to organisations; From a monetary sense fines can be levied by the relevant state Information Authority (e.g. the ICO in the UK) and further with reputational damage. Three are a prime example of an organisation that will have damage done to their reputation due to data loss. When you look for a new phone provider, it is unlikely that you are going to choose the one known for losing customer data and personal details.

These cases all have something in common in that the companies were quick to confirm that the matters would be explored further and that actions would be taken to ensure breaches would not happen again. This being the case, the sources of the initial breaches are unknown to the public.

Data breaches can come from many sources and it would be difficult for any organisation to claim total security against them. However, it has been reported that 25% of breaches involve internal actors compared to 51% involving organised criminal organisations. Of these attacks over half, 51%, included malware which has been a growing threat in IT for the past 18 months.

The threat from internal users should be less than 1 in 4 and Network managers and administrators will have to review internal policies and procedures to lower this, usually starting by limiting who can access data.

Statistics used are from the Verizon DataBreach Investigations Report 2017. 

Cyber-attack on The Works is a warning to others

The recent cyber-attack on discount retailer The Works, emphasises the need for organisations of all sizes to invest in ransomware prevention measures.

Continue reading

Redstor Appoints Channel Leader Mike Hanauer as CRO to Spearhead Global Sales Expansion

Reading, April 28, 2022 – Redstor, the cloud-first backup platform of choice for MSPs, today announced the appointment of accomplished channel sales executive Mike Hanauer in a newly created role of Chief Revenue Officer (CRO). Known across the market for his revenue-generating successes with top data protection, recovery and security companies, Hanauer will spearhead global expansion plans for Redstor’s category-leading SaaS platform.

Continue reading

What is the Digital Operational Resilience Act?

The Digital Operations Resilience Act (DORA) is the European Union’s attempt to streamline the third-party risk management process across financial institutions.

Continue reading

Download The Ultimate MSP Growth Guide

  • This field is for validation purposes and should be left unchanged.