Our latest round up of recent cybercrime news stories from Phil Ashley, Director of Crossword Labs. A pick of the weird, unexpected and sobering reminders of why we need to work together to stay on top of cybersecurity.
JD SPORTS FALLS VICTIM TO CUSTOMER DATA BREACH
International sports fashion retailer JD Sports recently announced that it has suffered a data breach, impacting 10 million customers’ personal information including names, addresses and phone numbers.
The data breach was announced on the 30th of January, involved customer data from between November 2018 and October 2020 and impacted online orders placed with JD Sports and its sub-brands. It was stated that no payment information was compromised, and there was no evidence of password access. In response, JD Sports have contacted relevant authorities, hired leading cyber security experts, and urged customers to remain vigilant for potential phishing.
MILLIONS OF USERS COMPROMISED IN LATEST T-MOBILE DATA BREACH
37 million user accounts at T-Mobile were recently affected by a data breach that exposed names, birthdates, and phone numbers.
The breach was discovered on January 5th, after a hacker had used an API to exfiltrate customer information for more than a month. Within a day of its discovery, T-Mobile tracked down the source and mitigated the vulnerability that led to compromise. T-Mobile claimed that no critically sensitive data was obtained and released a statement saying that they stopped the malicious activity within 24 hours of discovery. This is the second major hack in less than two years.
NEW RANSOMWARE ‘LOCKBIT’ INFECTS CRITICAL ROYAL MAIL SYSTEMS
Due to a cyber-attack connected to ransomware organisation, LockBit, Royal Mail experienced serious disruptions to its international delivery service.
Royal Mail warned clients not to send foreign letters and packages until the problem is rectified – the ‘LockBit’ ransomware attack affected the computer systems used to dispatch deliveries abroad. According to leaked negotiations between LockBit and Royal Mail, the hacking group made ransom demands of over £65 million.
Find out more about Crossword's cybersecurity and vulnerability monitoring service, Nightingale.
Find out more about Crossword's breached email account monitoring service, Trillion, to ensure your employees' details have not been leaked.