Cyber Security News Roundup – 4th September 2023
By Emily Davidson
04 September 2023August is now behind us, but news of widespread cyber crime remains constant. Last week, multiple organisations announced that they had suffered data breaches. To learn more about each story, click the headings.
Specialist print supplier at centre of Met data breach
29/8
Another UK police force has suffered a data breach, with the Met police falling victim to hackers that gained unauthorised access to a third party supplier’s IT systems, and stole staff information including names, ranks, photos, vetting levels, and salary information. The breached supplier, who has not been named by the force, is responsible for printing warrant cards and staff passes. Described as “a staggering security breach that should never have happened”, all 47,000 of the force’s employees have been notified with many working “some of the most difficult and dangerous roles imaginable”. The breach has been reported to the National Crime Agency and Information Commissioner’s Office, with the ICO promising to make enquiries. (Print Week)
Forever 21 discloses data breach: 500K+ affected
30/8
Last week, a data breach affecting over 500,000 individuals was confirmed by Forever 21, a US based fast fashion retailer. In its investigation the company found that during the data breach, which was discovered on the 20th of March, an unauthorised third party managed to gain access to a limited number of systems between the 5th of January and 21st of March. In the data breach notice, it is stated that 539,207 individuals could have been affected, with compromised data including a variety of sensitive information. Forever 21 have stated that there is no evidence that any information has been copied, shared, retained or misused, and that steps have been taken to ensure that the threat actors no longer have access to the data. (Cyber News)
Paramount confirms data breach, user personal data compromised
31/8
Entertainment giant Paramount, with annual revenue of $30.15 billion in 2022, has announced that it suffered a data breach between May and June. In the attack, unknown cyber criminals managed to successfully exfiltrate sensitive data including names, dates of birth, Social Security or other identification numbers, and information detailing the victims' relationships with Paramount. The company has been in contact with the affected individuals, of whom there are “less than 100”; it is not known whether these individuals are employees or customers. On discovery, Paramount introduced third-party cyber security experts, notified law enforcement, and began work to upgrade its security posture. (TechRadar)
Golf gear giant Callaway data breach exposes info of 1.1 million
1/9
One of the world’s largest golf brands, Topgolf Callaway, suffered a data breach at the start of August that exposed the personal information of over 1 million customers. In their notification letter, Callaway explained that an IT system incident that occurred on the 1st of August affected its e-commerce services, and exposed sensitive customer information including names, addresses, and phone numbers to an unauthorised third party. With the incident affecting 1,114,954 individuals, Callaway stated that they detected the breach early on and immediately contained it; all users are now being asked to reset passwords to prevent any unauthorised access of their customer accounts. (Bleeping Computer)
Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's critical that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how our layered approach to cyber security could protect your business!
Latest resources
A Guide to Cyber Recovery Cleanrooms
At Celerity, we’re committed to helping organisations navigate the complexities of emerging technologies that drive resilience and compliance. That’s why we’re excited to share this insightful article from our partner, Predatar. Written by CEO Alistair Mackenzie, it explores the growing importance of cyber recovery cleanrooms, their benefits, and how to cut through the noise to make informed decisions.
Celerity Secures Spot on Crown Commercial Service G-Cloud 14 Framework to Drive Public Sector Digital Transformation
Celerity is delighted to have been named as a supplier on the Crown Commercial Service (CCS) G-Cloud framework, with the latest iteration, G-Cloud 14, commencing on 9th November 2024 and running through April 2026.
Play your virtualisation cards right with Red Hat OpenShift
If you’re the customer of one very large virtualisation vendor, you may feel like you’ve been dealt a pretty bad hand over the last few months. With the long-term impact of new licensing and support programmes up in the air, organisations are seeking guidance from IT service providers on how they can best plan for, and manage, their virtualised infrastructure going forward.