
Industry News: ESG5

    Know Your Breach: T-Mobile

    The target: T-Mobile, a U.S.-based cellphone carrier.

    The take: Exposure of Personally Identifiable Information of 50 million customers including: addresses, social security numbers, dates of birth, drivers’ licenses, and a small number of account PINs.

    The attack vector: The attacker penetrated T-Mobile’s IT systems through an unsecured router, using the lack of credential controls as a launchpad to steal data.

    Use of industry standard authentication protocols is an integral part of maintaining a rigorous cybersecurity posture, and it is critical to employ robust practices of credential management, user authentication and validation, around all points of access in a firm’s IT network. An unprotected point of entry on a key piece of equipment like a router can lead to a breach with a cascading effect on data exposure.


    Crypto Hacks Highlight Need for More Cybersecurity

    2021-09-01

    ETF Trends: That’s a positive for a variety of exchange traded funds, including the First Trust Nasdaq Cybersecurity ETF (CIBR). Following large-scale ransomware attacks this year on energy pipelines, meat packing plants, and other assets, the case for cybersecurity spending — and investing — has never been stronger.


    Why Cybersecurity and Regulatory Compliance Are One and the Same

    2021-09-01

    IT Pro Portal: Across any industry, cybersecurity and regulatory compliance are crucial areas for business leaders to keep on top of. Both present a set of diverse, rapidly evolving challenges, each with their own unique twists and turns. 


    The Cybersecurity Metrics Required to Make Biden’s Executive Order Impactful

    2021-09-01

    Help Net Security: For too long, both the private and public sectors have not prioritized cybersecurity efforts enough and only acted in “good faith” – an inadequate effort to improve cybersecurity.


    State Street to Create 400 Jobs in Kilkenny with Global Cybersecurity Unit

    2021-09-01

    The Irish Times: US financial services group State Street is to establish a new global cybersecurity and technology unit in Kilkenny, which will see the creation of 400 new jobs.


    Nine Cyber Attacks on UK's Transport Sector Missed by Mandatory Reporting Laws

    2021-08-31

    Sky News: The thresholds set for the mandatory reporting of cyber incidents across the energy, transport, health, water, and digital infrastructure sectors are so high that few if any incidents are actually being reported to government.


    Crypto Exchange Bilaxy Loses $21M in Hack

    2021-08-31

    PYMNTS: Hong Kong cryptocurrency exchange Bilaxy was the victim of a hack that compromised a hot wallet on its platform and saw the transfer of 295 ERC-20 tokens, worth more than $21 million, to a single wallet on Sunday (Aug. 29).


    SEC Announces Three Actions Charging Deficient Cybersecurity Procedures

    2021-08-30

    SEC: The Securities and Exchange Commission sanctioned eight firms in three actions for failures in their cybersecurity policies and procedures that resulted in email account takeovers exposing the personal information of thousands of customers and clients at each firm. 


    Know Your Breach: Revere Health

    The target: Revere Health, a Utah-based multispecialty physician group.

    The take: Personally Identifiable Information of 12,000 patients including: medical record numbers, dates of birth, provider names, and procedures and insurance names.

    The attack vector: An employee of Revere Health fell victim to a phishing attack, allowing the attacker control of their email account.

    Phishing attacks against individual employees remain one of the greatest security threats to an entire organization. Regular social engineering and awareness testing and training, along with tone-from-the-top messaging to emphasize the importance of critical thinking and caution, are crucial to protecting sensitive information assets.


    The Government-industry Cyberdefense Dance

    2021-08-26

    Axios: After assembling a team of tough-minded regulators to take on big technology companies, the Biden administration on Wednesday called on many of those same companies to work with the federal government to address a growing wave of cyberattacks.


    About Castle Hall Diligence

    Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios.
