News

Liberty At Risk After Major Breach

Thu, 21/06/2018 - 10:00
Redstor_Loiberty_blog
Ransomware , Disaster Recovery

South African Insurance firm Liberty have suffered a major data breach with the potential to put client and customer data at risk. There is little information as to how the breach occurred but allegedly is due to a strain of ransomware which allowed hackers to extract data from systems. Following this the perpetrators have attempted to extort ‘compensation’ from the organization and threatened to leak the data.

On Saturday 16th June, Liberty began contacting customers to inform them of the breach stating:

“Liberty regrets to inform you that it has been subjected to unauthorised access to its IT infrastructure, by an external party who requested compensation for it… we have taken immediate steps to secure our computer systems and are investigating the incident”

Some sources are claiming that the breach came via an email server and that data was extracted from this but with the alleged dataset stolen, said to be 40 terabytes, it would appear that core systems may have also been accessed.

Following the news of the breach, the Liberty Group’s share price dropped 4% in value. Clients are likely to be worried about how the breach occurred and may lose confidence in the organization. In addition, the organization will need to establish how the breach occurred, establish the full extent of it and be ready to share this information with regulators. The likely end result will be a fine. The company has stated that they refused to pay the ransom although CEO David Munro stated he was unable to confirm the amount ask for.

“It’s fair to say an event like this is not something one can prepare for specifically. We prepare for them generally, but when an event like this takes place, it’s out of the blue. This occurred on Thursday evening. It took a couple of days before deciding we should inform customers and ensure that we can safely move into the public domain, as it is a complex matter… We back up our data. The challenge every enterprise has globally is the confrontation from cybercriminals attacking on a regular basis.”

 

Breach threats

The Liberty breach is just one of many cyber-attacks and ransomware attacks that have affected organizations in recent years. Most recently South African firm ‘ViewFines’ came under scrutiny when data of nearly 1 million citizens leaked including addresses and National Identification numbers.

Last year credit agency Equifax suffered one of the largest data breaches in history when they lost records pertaining to over 140 million people. This was mainly in the United States but also included data subjects in Europe, the UK and Canada.

Consequences of a data breach

In Europe, the GDPR is brand new legislation on how organizations and individuals should deal with data protection. Under the regulation organizations who do not comply and suffer a data breach are liable of fines up to £17,000,000 or 4% of global turnover. In South Africa, the Protection of Personal Information Act (POPI) is being passed and will be the overriding law.

Fines are not the only reason for organizations to be concerned with a potential data breach. Increasingly, customers count on an organizations reputation before making buying decisions and companies with bad reputations for data security are at risk.

 

Best practice for avoiding data breaches  

Processes and procedures

Cyber-security processes and procedures are vital in ensuring that a breach does not occur. This must include how long data is kept for and the security around how data is stored.

Limiting access

Sensitive data and data relating to data subjects is what will be targeted by hackers and cyber-criminals. By limiting access to this data, organizations can help to limit the effects that phishing scams may have for those looking to access information with legitimate, but stolen, passwords.

Password protection

Password attacks are still one of the most commons ways that systems are accessed by unauthorised parties. Botnet attacks in particular regularly make use of accessing systems often using default administrator passwords. It is vital to ensure all passwords have been updated and are secure.

Backup

Ransomware and other types of cyber-attack often compromise data, deleting it or making it inaccessible. Having a secure off-site copy of all data as a backup will ensure an organization can recover from an attack and help to prevent data loss.

Do not pay a ransom

Paying a ransom is one way to get data back, however, it is not recommended. Not only is there no real guarantee that data will be returned correctly but cyber-criminals may strike again knowing that an organization is vulnerable.

 

To find out more about how to protect against the threats of cyber-crime, download the latest whitepaper here.

Recent Articles

Redstor_GolfDay_Blog Partners

Redstor Celebrate Success At The Seventh Annual Golf Day

For the seventh year in a row, Redstor has played host to customers and partners at the Windlesham Golf Course in Surrey for an event of golf, dining... read more

July 12, 2018
Redstor_Backups_coming_home_blog Data Backup

Backup’s Coming Home

Data is a vital asset for all modern organizations, from law firms to schools to football associations, data underpins decisions and holds systems... read more

July 10, 2018
Redstor_Banking_blog Ransomware

Banks Begin Backing Themselves Against Disaster

The banking and finance industries are synonymous with security especially when it comes to technical aspects of service including the growing use of... read more

July 05, 2018