Mycena CEO was the guest on the latest Silicon UK podcast this August. Founder Julia O’Toole chats to editor David Howell about how companies unsuspectedly shot down their own security when giving to their employees their company access control. Find out more about how Mycena came to be, and how encrypting and segmenting all your access will improve your business security and resilience against cyberattacks. You can listen back to the podcast by visiting the Silicon UK website.
A single hacker has managed to gain access to 5.4 million Twitter accounts. Reports suggest that Twitter suffered a security vulnerability which allowed user data to be extracted. User details are now for sale on a hacking forum, valued at $30,000. Further studies state that the vulnerability had become known to Twitter in January 2022, and has affected up to 1 billion Chinese residents. A spokesperson for Twitter said: “In July 2022, we learned through a press report that someone had potentially leveraged this and was offering to sell the information they had compiled. After reviewing a sample of the available data for sale, we confirmed that a bad actor had taken advantage of the issue before it was addressed.”
While the race for prime minister rages on, former chancellor Rishi Sunak is ahead of his competition Liz Truss in a somewhat unexpected fashion. An annual report from the Treasury reveals that his department has considerably fewer cases of data breaches than hers. Meanwhile, in Truss’ department, there were 117 incidents, 96 of which were considered to be personal data breaches. The majority of attacks have been classed as “data protection issues”.
A recent report from Verizon revealed several crucial insights into cybersecurity. Analysing over 23,000 incidents and 5,000 breaches, the report pinpointed some common issues affecting businesses around the world. Chief among them, the results showed that 82 per cent of all cyber breaches came through human error – weak passwords, stolen credentials, phishing, or human error. Julia O’Toole, Founder and CEO of MyCena Security Solutions, explained how the report showed the weakness of modern organisations’ security practices, “Most companies let their employees control the access credentials to their infrastructure and assets. That is essentially giving up control of access from day one. When someone else controls your company’s digital keys, you are no longer in charge of what happens to them.” Until businesses address the root cause of these breaches, they will continue to happen.
Human error seems to be the cause of a massive Chinese data breach, in which over one billion personal details have been leaked. The story hit when an anonymous hacker offered over 23 terabytes of stolen personal data for sale. These details included highly sensitive data including names, IDs, birth information, addresses, phone numbers and criminal case details. The cause of the severe leak is, apparently, a case of human error. A Chinese government software developer posted a screenshot online which accidentally included code revealing credentials to the major database. Hackers acted, stealing the credentials and downloading the entire database’s contents to sell. With over one billion affected, this may be the largest data leak of all time.
Do attackers target the same victims again? Recent evidence suggests they do. This month, Marriott hotels was the subject of a data breach that exposed customer and staff data. Hackers reportedly stole around 20 gigabytes of data from a Marriott hotel in Maryland, USA – the data included business documents, identifying information, and customer payment methods. A Marriott spokesperson confirmed that this attack seemed to be a social engineering hit on a Marriott employee who gave access information away. This hack is bad news for Marriott, who have now suffered three such attacks in the past five years. In 2018, it suffered a breach that leaked up to 500 million records, and in 2020 lost personal details of around 5 million guests. Proof indeed that hackers will return to the same victims.
