Cyber Security News Roundup – 7th August 2023

Emily Davidson

By Emily Davidson

07 August 2023
Cyber Security News Roundup – 7th August 2023

It's a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.

Data breaches grow nearly three times, with US accounts most compromised

3/8

New research from VPN Provider Surfshark has revealed how the number of breached accounts worldwide grew 156% to 110.8 million in the second quarter of 2023. The United States accounted for 45% of global data breaches, with North America the most affected region - Europe and Asia came in second and third. Surfshark’s research was based on the analysis of data from 29,000 publicly available databases, determining locations with IP addresses, coordinates, currency, and phone numbers. (ZD Net)

US govt contractor Serco discloses data breach after MoveIT attacks

3/8

Serco Inc, the Americas division of multinational outsourcing company Serco Group, has become the latest victim of the Clop MOVEit campaign after disclosing a data breach that saw criminals steal the personal information of over 10,000 individuals from a third-party vendor. The information was exfiltrated from the file transfer platform of CBIZ, Serco’s third-party benefits administration provider – the attack did not affect the security of Serco's systems, but they are collaborating with CBIZ to investigate the breach and assess the full extent of the incident. The stolen data is sensitive, including names, U.S. Social Security Numbers, dates of birth, home addresses, Serco and/or personal e-mail addresses, and health benefits. This follows recent news that Clop is set to make between $75 and $100 million from the MOVEit campaign, despite a fall in ransom payments. (Bleeping Computer)

Cyber-attack to cost outsourcing firm Capita up to £25m

4/8

Following March’s cyber attack, Capita has now taken a financial hit of £25 million which has led to an overall loss of £68 million in the first half of the year. The outsourcing group suffered the attack from notorious ransomware operation BlackBasta, which hacked into Capita’s Microsoft 365 software in order to steal data from staff and clients. Capita did confirm that data was exfiltrated, stating that it was equivalent to less than 0.1% of the server estate - however after the initial cyber attack, more than 90 different organisations reported further breaches of personal information to the Information Commissioner’s Office. Following the announcement of the company’s first half financial results, on Friday Capita’s share price fell 12%, making it the biggest faller on the FTSE250. (The Guardian)

Colorado Department of Higher Education warns of massive data breach

5/8

The Colorado Department of Higher Education (CDHE) published a 'Notice of Data Incident' on its website last week, following a ransomware attack in June. The massive data breach impacts students, past students, and teachers, with stolen information including full names, social security numbers, dates of birth, addresses, proof of addresses, photocopies of government IDs, and more. Despite no confirmation from the CDHE as to how many people were affected, the scope of the breach ranges from 2004 to 2020 so it likely encompasses a large number of individuals. After working with third-party specialists to investigate, the CDHE determined that the threat actors had system access between the 11th and 19th of June – using this time to steal data and deploy ransomware. So far, no ransomware group has claimed responsibility. (Bleeping Computer)

Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!

Latest resources

What are the legal consequences of a data breach?
Blog

What are the legal consequences of a data breach?

What is a Data Breach? According to the European Commission, a data breach is when ‘the data for which your company/organisation is responsible suffers a security incident resulting in a breach of confidentiality, availability or integrity’. The causes of this can vary, but ultimately it is the organisation’s responsibility to prevent this situation from arising. […]

Managed IT service providers or internal hires: pros and cons
Blog

Managed IT service providers or internal hires: pros and cons

The choice between opting for a managed IT service provider and relying on internal hires is vital to ensure your business benefits from crucial information technology security services in a timely, effective, and agile way. From cyber security to software asset management, there are countless IT services that businesses must account for. A managed IT […]

Celerity Secures Spot on Crown Commercial Service G-Cloud 14 Framework to Drive Public Sector Digital Transformation 
News

Celerity Secures Spot on Crown Commercial Service G-Cloud 14 Framework to Drive Public Sector Digital Transformation 

Celerity is delighted to have been named as a supplier on the Crown Commercial Service (CCS) G-Cloud framework, with the latest iteration, G-Cloud 14, commencing on 9th November 2024 and running through April 2026.