.jpg?width=200&height=78&name=CH%20Diligence%20(thicker%20line).jpg "CH Diligence (thicker line)")
The target: Malindo Air, a Malaysian subsidiary of Indonesia’s Lion Group
The take: Approx. 35 million passenger records, including names, emails, addresses, passport numbers/expiration dates.
The attack vector: Two former employees of a subcontracted e-commerce provider were identified as having “improperly accessed and stole the personal data of our customers.” Malindo Air reiterated that their external controls were not breached and that “services and infrastructure worked as designed and were not compromised in any way.”
Malicious insiders are unfortunately common sources of data breaches, and internal controls and oversight must be put in place to ensure that data is being handled appropriately by both direct employees and subcontracted staff.
Property Funds World: A survey commissioned by Drooms, a provider of secure cloud solutions, found more than two in five (41 per cent) real estate professionals in Europe believe their industry is unprepared to deal with cyber-attacks.
CSO: With volumes of cybersecurity insurance claims surging, businesses need to be more careful than ever about what their policies do and don’t cover, according to an academic who warned that insurers are becoming more mercenary in their interpretations of cyber events.
Business Wire: Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the results of a survey examining how organizations are addressing industrial control system (ICS) cyber threats.
ZDNet: "Attackers are compromising these enterprise networks in order to access data and eventually the networks of their clients," the National Cybersecurity Agency of France, known locally as ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information), said in a technical report.
Pensions & Investments: In the survey of 531 retirement plan advisers at the NAPA 401(k) Summit in April, 35% of respondents ranked the issue of client retention "very important" compared with 24% the previous year when NAPA first conducted the survey. Thirty-five percent also ranked cybersecurity as very important. Cybersecurity was not included as an option in the 2018 survey.
Forbes: U.S. companies have been abuzz about compliance requirements with the European Union’s (EU) Global Data Protection Regulation (GDPR), which became effective May 25, 2018. The GDPR was so scary because the enforcement provisions allowed fines up to 2-4% of total global turnover.
City A.M.: The UK boss of an unnamed energy firm was tricked into transferring the money following a phone call from that appeared to come from his boss at the German parent company, the Mail on Sunday reported.
The target: Philips Capital Inc, a Chicago-based brokerage firm.
The take: $1 million USD from a client account.
The attack vector: Attackers gained access to internal systems via a successful phishing attempt and impersonated a client of the firm using information they’d gained from reviewing past e-mail correspondences. Gaps in disbursement procedures allowed a requested wire transfer to an unknown bank account to be approved and processed.
While technical controls can protect against cyber-attacks, they cannot always compensate for gaps in procedure and a failure to think critically.
The Moscow Times: The personal details of millions of Sberbank customers may have been leaked, in what would be the largest-ever data breach in Russian banking, according to cyber security experts.
Analysts at cybersecurity firm DeviceLock found personal information relating to up to 60 million Sberbank credit card holders for sale on the black market. They were able to analyse the data of around 200 supposed customers — provided to them by the seller — and verified their authenticity.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montréal
1080 Côte du Beaver Hall, Suite 904
Montréal, QC
Canada, H2Z 1S8
+1-450-465-8880
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy