Report

Weekly Threat Report 13th April 2018

Created:  13 Apr 2018
Updated:  13 Apr 2018
NCSC Threat Report
This report is drawn from recent open source reporting.

Recent data breaches: GWR and Sodexo

Great Western Rail has advised customers to change their passwords after unauthorised attempts to access GWR.com accounts. The attack likely used password data harvested from other areas of the internet. GWR confirmed that around 1,000 users have been directly affected.

Separately, the facilities management company Sodexo confirmed a targeted attack on its cinema voucher platform Filmology. As the breach resulted in unauthorised access to payment card data, the platform has been taken down for the foreseeable future. The company has advised Filmology users who used the service between 19 March and 3 April to cancel their credit cards.  Advice to cancel payment cards is relatively unusual following a data breach.  

The NCSC advices customers who have online accounts with companies who have reported a data breach to reset their passwords on every service where they have used a similar password.

For further advice, see the NCSC’s previously published password guidance, which individuals and organisations can use to help keep their online accounts secure.
 

Finnish data breach linked to supply chain

A recent compromise of a website belonging to the Finnish Enterprise Agency illustrates some of the risks associated with outsourcing. The maintenance and data security of the website was subcontracted to a third party organisation, which reportedly stored the passwords in clear text.  The breach is estimated to have revealed the usernames and passwords of 130,000 users. The Finnish Communications Regulatory Authority has confirmed it as the third largest data breach in Finland to date, in terms of the number of user accounts compromised.

The NCSC advises against storing passwords in clear text and recommends that passwords are stored using a cryptographic hash.

When outsourcing services, we recommend reading the NCSC’s supply chain guidance. The threat via the supply chain was highlighted as one of the four key trends of 2017 in a joint report - ‘The Cyber Threat to UK Business’ - published by the NCSC and National Crime Agency earlier this week.

--

The Cyber Security Information Sharing Partnership (CiSP) is a great way of learning more about threat information as well as engaging with industry and government counterparts. Follow the link below for more information.

Join CiSP

Was this report helpful?

We need your feedback to improve this content.

Yes No