Human error seems to be the cause of a massive Chinese data breach, in which over one billion personal details have been leaked. The story hit when an anonymous hacker offered over 23 terabytes of stolen personal data for sale. These details included highly sensitive data including names, IDs, birth information, addresses, phone numbers and criminal case details. The cause of the severe leak is, apparently, a case of human error. A Chinese government software developer posted a screenshot online which accidentally included code revealing credentials to the major database. Hackers acted, stealing the credentials and downloading the entire database’s contents to sell. With over one billion affected, this may be the largest data leak of all time.

Do attackers target the same victims again? Recent evidence suggests they do. This month, Marriott hotels was the subject of a data breach that exposed customer and staff data. Hackers reportedly stole around 20 gigabytes of data from a Marriott hotel in Maryland, USA – the data included business documents, identifying information, and customer payment methods. A Marriott spokesperson confirmed that this attack seemed to be a social engineering hit on a Marriott employee who gave access information away. This hack is bad news for Marriott, who have now suffered three such attacks in the past five years. In 2018, it suffered a breach that leaked up to 500 million records, and in 2020 lost personal details of around 5 million guests. Proof indeed that hackers will return to the same victims.

A recent survey from cybersecurity company Panaseer has given an insight into the shadowy world of cyber insurance. While many insurers have stripped back their offerings following recent increases in the volume and severity of attacks, several large pay-outs have still been made. Panaseer’s reports gave details of recent insurance claims. In it, the sums revealed that the average cyber breach insurance pay-out in the UK was £3.26 million, and $3.52 million in the USA. These huge sums show the severity of the problem for both clients and insurers – with attackers developing more sophisticated means, 82 per cent of insurers expect premiums to rise. Conditions may also tighten, with 74 per cent of insurers requesting details on cybersecurity approaches before considering a policy.

Email scams are becoming more personalised each day. So much so, that some more recent email scams are even fooling cybersecurity experts. Instead of the scattergun approach that many phishers used to take, email scammers nowadays search the internet and collect personal information that allows them to craft personalised emails. One such attack almost fooled Oliver Buckley, a cybersecurity expert, who received a personal email from his boss asking him to purchase gifts for a client – convincing, until Buckley noticed it was sent from an unknown Gmail address. While this might sound an obvious scam, enough fall for it – phishing cost companies almost £17 billion in damages last year. With more personal emails being developed, it’s more important than ever to carefully check the details of all emails received.

A security advisory has revealed the top 10 vectors exploited by attackers when breaching networks. Top agencies from the United States, United Kingdom, and various European countries contributed to the list, which featured several common issues within cybersecurity. Chief among them were access concerns such as stolen or weak credentials, a lack of multifactor authentication, and unchanged default passwords. Another general theme across the list was a lack of basic best practices – such as unpatched software, incorrectly applied privileges, open ports and poor attack responses. US Homeland Security Advisor Rob Joyce commented, “There’s no need for fancy zero-day exploits when companies give adversaries such easy access options.”

An attack on the Italian city of Palermo, claimed by Vice Society, has left IT teams rushing to restore essential services. The initial breach happened on 2 June, with the municipal website, internal systems, and data storage affected. The incident was then officially declared as ransomware in the following days, before hacker gang Vice Society claimed responsibility. The gang posted an official notice on their website, in a double-extortion attempt, that they would release stolen personal data if a ransom payment was not received. Since then, IT teams have begun to rebuild the city’s network from backups – with several critical services still affected.