What a week!
From politics to the pandemic, the last seven days will certainly go down in history as one of the most turbulent weeks of 2020. And the same is true for the world of Tech and I.T. as it seems cyber-attacks and data breaches continue to monopolise the headlines.
In this week’s blog we explore the MageCart cyberattack on JM Bullion, Mastercard’s new Cyber Secure launch, Hotel Group Marriott International’s fine for major data breach and how hackers are trying to capitalise on the COVID-19 crisis.
Let’s bring you up to date.
JM Bullion – One of the most expensive data breaches
Online retailer, JM Bullion, which sells precious metals such as gold, silver, copper, platinum, and palladium, revealed this week that it was the victim of a significant data breach earlier this year.
It was reported that the breach went unnoticed for five months, having only been discovered in July this year.
This breach could have resulted in highly sensitive data such as customer names, addresses, and even payment information, being leaked.
JM Bullion released a notice to its customers which read:
“Through an investigation, it was determined that malicious code was present on the website from February 18, 2020 to July 17, 2020, which had the ability to capture customer information entered into the website in limited scenarios while making a purchase.”
Customers that purchased items from JM Bullion during that period were advised to monitor their bank statements to check for fraudulent activity.
Read more at TechRadar.
Mastercard launches new AI driven security service
The growing power of AI is evident once again this week as Mastercard announced the launch of its new Cyber Secure toolbox.
The new AI driven service will help assist business owners in identifying evolving security threats and give banks the opportunity to tackle the growing risk of cybercrime.
As we’ve reported over the last few weeks, cyberattacks are on the increase, and according to Mastercard, at least 1 in 4 organisations have experienced a cyber-attack in the last 12 months.
We know that the Coronavirus pandemic has accelerated this growth so it’s good to see organisations like Mastercard doing something to tackle it.
In addition, Mastercard also announced it was “setting its sights” on Internet of Things (IoT) technology as part of the initiative. According to the card credit giant, IoT is
“responsible for the generation of 2.5 quintillion bytes of data every day, with 90% of this data having been accumulated in the last two years.”
Read more from TechRadar.
Marriott Hotels fined £18.4m for major data breach
Marriott International has become the latest organisation to be fined by the Information Commissioner’s Office (ICO).
It was announced this week that the hotel chain faces a fine of £18.4m after a major data breach affected 339 million guests.
It was revealed that the first part of the attack took place in 2014 but continued through to 2018 until it was first noticed. In that time the attacker continued to have unlimited access to a whole host of data, including personal customer information and passport details.
It was because of this that the ICO made the decision to impose a heavy fine, stating that
“Marriott had failed to protect personal data as required by the General Data Protection Regulation (GDPR)”.
You can bet that cybersecurity is now very high on their agenda.
Read more from BBC News.
How hackers are taking advantage of COVID-19
Given the news this week, it would be hard for us to finish a news round-up without mentioning the ‘C’ word. So, we here we go.
This week it was announced by The National Cyber Security Centre (NCSC) that hackers are capitalising on the COVID-19 crisis. Given the cybercrime news this week, that’s not surprising, but what is shocking is just how many incidents the NCSC are handling this year, compared to last.
The organisation reported a 10% rise in cyber-attacks during the period September 2019 to August 2020, totalling 723 incidents of which 194 were COVID related.
Some of the incidents it reported to be handling were to counter nation-state attacks, but the majority were criminal attacks.
The NSCS also disclosed that it had thwarted 15,354 campaigns that had used coronavirus themes as a "lure" to fool people into clicking on a link or opening an attachment containing malicious software. Some involved fake shops selling PPE (personal protective equipment), test kits and even vaccines.
Read more from City AM.
Those were some of this week’s biggest stories in I.T. and tech, but if you want more content, follow us across our four social media channels.
Cybersecurity should be high on the agenda for every business no matter what size and this week’s headlines prove that. If you think a discussion about improving your business security would be beneficial, get in touch at email@example.com to arrange a meeting.