Cyber Security News Roundup – 3rd July 2023
By Emily Davidson
03 July 2023It's a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.
Siemens Energy confirms data breach after MOVEit data-theft attack
27/6
Global energy technology company Siemens has become the latest company to confirm that it has had data stolen in the recent series of Clop ransomware attacks. Clop listed Siemens on their leaks site on the 27th June, a move that the group usually makes to apply pressure to victims - the listing was followed by confirmation from a Siemens spokesperson that the organisation has been breached by attacks targeting the CVE-2023-34362 vulnerability in the MOVEit file transfer service. Siemens have stated that no critical data was stolen, and that business operations were not affected by the breach after the company took immediate action. (Bleeping Computer)
Eight in ten UK health orgs have had a security breach since 2021
27/6
New research from SOTI has revealed that 79% of UK healthcare providers have experienced at least one data breach since 2021, growing 22% year on year; these findings indicate that little is being done to address to issue of data security in the industry. The research also highlighted the growing security challenge resulting from devices, with almost half of respondents reporting an increase in the mix of devices at their organisation. A further 33% reported an increase in the use of personal devices to access company networks - failure to appropriately manage and monitor these devices poses a significant risk to data security. (Digital Health)
Apple supplier TSMC hit by data breach, ransomware group demanding $70 million payment
30/6
Taiwan Semiconductor Manufacturing Company Limited (TSMC), a computer chip maker and Apple partner, has confirmed that it has been impacted by a data breach on one of its third party suppliers. The incident has not affected business operations or customer information, and TSMC has terminated data exchange with the breached supplier, Kinmax Technology, in accordance with their security protocols. In a letter to their partners, which also include HPE, Cisco, Microsoft, Citrix, and VMware, Kinmax Technology explained that they first noticed the breach on the 29th of June, when their internal specific testing environment was attacked. The notorious ransomware operation LockBit has claimed responsibility, and is reportedly demanding a $70 million ransom in order to not leak the stolen data. (9to5Mac)
Over a million NHS users have data leaked following ransomware attack
30/6
The recent ransomware attack on the University of Manchester has exposed the data of 1.1 million NHS users, from 200 different hospitals. As much as 250Gb of information was accessed by criminals during the breach, with the data including the NHS numbers and part of postcodes for major trauma patients across the UK - the university had been keeping this information for research purposes. As the database was launched in 2012, it is expected that the leaked data contained over a decade of information; NHS chiefs have now been warned of the risk that NHS data will be made available in the public domain. Information about the criminals behind the breach is currently scarce, with the University publicly stating that the incident was not linked to the MOVEit breaches. (Tech Radar)
Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!
Latest resources
💚 Celerity Goes Green: Supporting Marine Conservation with a Beach Clean 🏝️
Celerity has engaged with the Marine Conservation Society since 2024, to support their public Beach Clean events around the UK. MCS is the UK’s marine conservation charity, working to solve the climate crisis, protect marine wildlife and clean up our oceans.
Another Year of ISO Excellence
Celerity has successfully maintained its 3 ISO certifications—ISO 9001 for Quality Management, ISO 27001 for Information Security Management, and ISO 14001 for Environmental Management—for another year!
TfL Cybersecurity Incident: Implications for Your Organisation’s Security Strategy
Cybersecurity incidents, like the recent breach affecting Transport for London (TfL), highlight the ever-present dangers that organisations face in today’s digital landscape.