shutterstock_490960141-1

Industry News: ESG5

Know Your Breach: Sonic

The target: Sonic Restaurants, an American fast-food chain.

The take: An estimated five million credit and debit payment card accounts were compromised as a result of the attack.

The attack vector: The success of the attack was attributed to the age of Sonic’s Point-of-Sale systems, which were no longer receiving security updates and which were inherently vulnerable to manipulation and data exfiltration.

Read more...

Ex-Equifax Exec Pleads Guilty To Insider Trading Post-Breach

2019-03-06

AJC: A former executive at Atlanta-based Equifax has pleaded guilty to insider trading in the wake of the company’s massive data breach in 2017. Jun Ying, 43, former chief information officer of an Equifax division known as U.S. Information Solutions, sold more than $950,000 in stock in the weeks after the company discovered the breach but before the incident was made public...

Read more...

Chinese Hackers Hit 27 Universities in US, Canada: Report

2019-03-06

BusinessStandard: Chinese hackers have targetted over two dozen universities in the US and Canada in an apparent bid to steal key maritime military research, The Wall Street Journal has reported. In all 27 universities -- including the University of Hawaii, the University of Washington, Penn State and Duke University and Massachusetts Institute of Technology -- were found to have been hit by the hackers, according to a report by cyber security firm iDefense which was accessed by The WSJ...

Read more...

KKR Invests in Cybersecurity Firm KnowBe4 at $800M Valuation

2019-03-01

Fortune: Cybersecurity startup KnowBe4 has secured a minority investment from private equity giant KKR that values the firm at more than $800 million. KKR is making an initial commitment of up to $50 million in KnowBe4, according to sources with knowledge of the transaction, with plans for an additional investment in the company already in the works...

Read more...

North Korea Conducted Cyberattacks on the U.S. During the Trump-Kim Summit, Report Says

2019-03-04

Time: Hackers linked to North Korea continued waging cyberattacks against U.S. companies and other targets while leaders from Washington and Pyongyang met for their second summit last week, the New York Times reports. Throughout the ongoing, 18-month operation, hackers from Lazarus group have persistently targeted key industries...

Read more...

The Marriott Breach Shows Just How Inadequate Cyber Risk Disclosures Are

2019-03-05

HarvardBusinessReview: Another year and another hack and what seems like a very long wait to learn that it happened. Recently, Marriott waited 11 weeks to reveal that 383 million customer records had been compromised, exposing at least 25 million passport numbers and 8 million payment cards. Can you imagine a company like Marriott waiting for 11 weeks to disclose its quarterly earnings numbers? That wouldn’t be acceptable...

Read more...

Bank of England to Test Banks' Resilience to Cyber Attacks

2019-03-05

Euronews: LONDON (Reuters) - Britain's banks will have to show they could recover from a cyber attack within hours to avoid customer payments being delayed to the next day, the Bank of England said on Tuesday. The BoE said it would hold a pilot cyber stress test of lenders mid-2019 but individual results won't be published...

Read more...

Cyberattack Planning is Still Depressingly Poor, Even in Big Businesses

2019-03-05

Zdnet: The top management at some of the UK's biggest companies still don't fully understand the potential risks of a cyberattack on their business, says a government report. While nearly every big company (96%) claims to have a cybersecurity strategy in place, less than half (46%) back that up with dedicated budget. And only one in eight (16%) say they have a comprehensive understanding of the impact of loss or disruption that comes with cyber threats...

Read more...

Know Your Breach: Target

The target: Target, an American retailer.

The take: PPayment card information, and/or names, phone numbers and e-mail addresses for up to 70 million customers.

The attack vector: Attackers accessed Target’s network via credentials stolen from a third-party HVAC vendor, installed malware and exfiltrated the data in what was one of the first major data breaches to make headlines.

Read more...

Cybercriminals Earning Over $3B Annually Exploiting Social Platforms

2019-02-20

GlobeNewswire: Since 2017 there has been a 400 to 600 percent increase in the amount of cryptomining malware being detected globally, the vast majority of which has been found on social media platforms. Of the top 20 global websites that host cryptomining software, 11 are social media platforms like Twitter and Facebook...

Read more...

Cost of Cyber Breach Recover Hits All-Time High of $5.8M

2019-02-25

CanadianSecurityMagazine: Cyber security incidents have become the new normal for Canadian companies, with 100 per cent of organizations experiencing attacks, according to the findings of a new study from Scalar Decisions Inc. of more than 400 Canadian IT and security workers...

Read more...

Ionic Security Closes $40 Million Growth Round Led By JPMorgan Chase & Co. with Participation from Google LLC

2019-02-27

PRNewswire: It was announced that Ionic Security Inc. closed a $40 million Series E round led by financial services leader JPMorgan Chase & Co., with participation by Google LLC as a new investor. Current venture investors Kleiner Perkins, GV, Icon Ventures, Meritech Capital, TechOperators and Ten Eleven Ventures participated, alongside other new and existing investors. JPMorgan joins Goldman Sachs and SunTrust Bank as the third major financial services firm to invest in Ionic Security...

Read more...

Tesco scam warning after customers caught out by fake email about grocery home orders

2019-02-26

Thescottishsun: TESCO customers are being warned about a new scam that could let fraudsters take control of your account. The supermarket said a number of its shoppers had received a phishing email about a grocery order they hadn't placed online. More than 400,000 phishing emails are reported to Action Fraud every year - and those are just the ones flagged by victims...

Read more...

Hospitals Are Cyber Criminals’ Newest, Biggest Target

2019-02-25

Insidesources: Cyber attacks on hospitals and healthcare providers have become a regular occurrence.  On Feb. 1, it was Easton Hospital in Easton, Pennsylvania. On Feb. 4, it was the Catawba Valley Medical Center in Hickory, North Carolina. On Feb. 20, it was the Calbrini Hospital in Melbourne, Australia...

Read more...

India ‘Millionaire’ Crypto Scam Tricks Victims Out Of $250K

2019-02-26

pymnts: A man in India tricked 12 people out of $250,000 with a scam involving a fake cryptocurrency named after the Indian version of the show “Who Wants To Be A Millionaire,” according to reports. Pritam Patil allegedly asked the victims to invest in the initial coin offering (ICO) of his “KBC Coin,” named after Kaun Banega Crorepati, a wildly popular Indian show...

Read more...

Data breaches reported to FCA have risen 480% from financial services firms

2019-02-25

InformationAge: The number of data breaches reported by UK financial services firms to the Financial Conduct Authority (FCA) increased 480% in 2018, to 145 up from just 25 in 2017*, shows research from RPC, the City-headquartered law firm. Data breaches are on the rise. And, the financial services sector is an especially lucrative target; along with the personal data bulging healthcare sector...

Read more...

About Castle Hall Diligence

Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →

Subscribe to Cyber Updates