In a stunning revelation, Nova Scotia has unveiled chilling details of a recent cyber attack that has left the personal information of up to 100,000 individuals hanging in the balance. This breach, targeting a file transfer service has struck at the very heart of the province, affecting teachers, students, healthcare workers, and even job applicants.
Names, addresses, dates of birth, and employment details were snatched by the nefarious hackers, plunging the victims into a state of vulnerability. As Nova Scotians grapple with the magnitude of this violation, authorities are scrambling to piece together the shattered fragments of their digital defenses. (ctvnews)
My thoughts: Nova Scotia has just over 1 million residents meaning that this attack is affecting about 10% of the population. From this article, it’s also clear that there was probably no incident response plan in case of a cyber attack. They seemed VERY caught off guard. The Internet is full of resources and incident response templates to help you get started.
In a chilling turn of events, clients of Empire Life have fallen prey to a massive data breach that has also targeted other notable financial institutions, including Mackenzie Investments. The breach orchestrated by cybercriminals infiltrating InvestorCOM Inc., a software provider for Empire Life, has led to the compromise of vital information pertaining to certain mutual funds and segregated fund policies.
The incident was brought to light when InvestorCOM notified Empire Life of the breach, triggering an independent investigation alongside cybersecurity experts. Affected clients are now being notified by mail, while Empire Life takes responsibility by offering three years of credit monitoring through Equifax Inc. (investmentexecutive)
My thoughts: Third party cyber attacks are no joke. Be sure to properly evaluate and choose vendors that meet your cyber security standards.
In a major blow to the Eisai Group, a prominent Japanese pharmaceutical company, a ruthless ransomware incident struck their servers on June 3rd. The attack has forced several vital systems offline, including logistics operations, while Eisai scrambles to assess any potential data leaks. In an official statement, Eisai revealed that an examination of the incident's impact on their fiscal year's earnings forecast is underway, with a commitment to promptly announce any necessary revisions.
As recovery efforts commence, Eisai has mobilized a dedicated task force, sought the assistance of external experts, and engaged law enforcement to combat the attack. However, concerns arise as cyber security experts raise questions about potential insider involvement or the involvement of a nation-state seeking data theft or disruptive chaos. (infosecuritymagazine)
My thoughts: We are often led to believe hackers and cyber threats come from countries from across the globe. However, it’s very possible that the threats are within your organization. Those are the scariest and often the most impactful. To prevent this from happening to you, be sure to create a zero trust strategy, restricted access and start with cyber security awareness training for all employees.
The Play ransomware attack, initially believed to be limited to IT services provider Xplain, has taken a darker turn, impacting the national railway company of Switzerland (FSS) and the canton of Aargau.
Swiss police have launched an investigation into the incident, which struck Xplain—an IT company catering to federal and cantonal government departments, the army, customs, and Fedpol, the Federal Office of Police.
The attack has exposed alleged stolen data from Fedpol and the Federal Office for Customs and Border Security (FOCBS) on the Darknet.
While authorities attempt to downplay the severity, it has been confirmed that the attackers exploited a vulnerability on Xplain's servers, leading to a breach of correspondence and operational data. The investigation is ongoing, leaving Switzerland on high alert as even the Swiss parliament faces a separate cyber attack, raising concerns over the nation's cyber security infrastructure. (financialpost)
My thoughts: I don’t think we should be questioning the cyber integrity of an entire country. That puts a target on their back. As we’ve seen in the past, once attacked, you’re more likely to get attacked again. Hackers know you are vulnerable.
Access monthly conversations with IT & Tech Leaders about the hottest cyber security topics in the industry.