fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

UK Rail Network Merseyrail Likely Hit by Lockbit Ransomware

UK Rail Network Merseyrail Likely Hit by Lockbit Ransomware

UK rail network Merseyrail has confirmed a cyberattack after a ransomware gang used their email system to email employees and journalists about the attack.

Merseyrail is a UK rail network that provides train service through sixty-eight stations in the Liverpool City Region in England.

“We can confirm that Merseyrail was recently subject to a cyber-attack. A full investigation has been launched and is continuing. In the meantime, we have notified the relevant authorities,” Merseyrail told BleepingComputer yesterday after we received a mysterious email earlier this month from the account of Andy Heath, the Director of Merseyrail.

Ransomware gang uses Merseyrail’s email system against them

While the cyberattack has not been publicly disclosed, BleepingComputer learned of the attack after receiving a strange email on April 18th from Heith’s email account with the mail subject, “Lockbit Ransomware Attack and Data Theft.”

This email was sent to BleepingComputer, various UK newspapers, and the staff of Merseyrail in what appears to be a takeover of the Director’s @merseyrail.org Office 365 email account by the Lockbit Ransomware gang.

Also Read: The 3 Main Benefits Of PDPA For Your Business

In this email, the threat actors pretended to be Merseyrail’s Director telling employees that a previous weekend’s outage was downplayed and that they suffered a ransomware attack where the hackers stole employee and customer data.

Included in the email is a link to an image showing an employee’s personal information that Lockbit allegedly stole during the attack.

After numerous attempts to contact Merseryrail and confirm the attack, we finally received the rail network’s statement last night.

“It would be inappropriate for us to comment further while the investigation is underway,” Merseyrail told BleepingComputer when we questioned how the Director’s email was compromised.

In response to our queries, the UK Information Commissioner’s Office (ICO) also confirmed that Merseyrail made them aware of the “incident.”

“Merseyrail has made us aware of an incident and we are assessing the information provided,” the ICO told BleepingComputer via email.

Ransomware gangs aggressively extort victims

Over the past year, ransomware gangs have become increasingly aggressive in their extortion tactics.

In the past, ransomware attacks consisted of threat actors stealing victims’ data and then encrypting their files to force a ransom payment.

Over time, threat actor’s tactics have escalated to performing DDoS attacks on victims’ networks and websites, emailing customers and journalists, and threatening to contact stock exchanges.

Sadly, while these attacks are ongoing, the employees and customers are usually the last to know what is happening with their data and organization.

Also Read: What Do 4 Messaging Apps Get From You? Read The iOS Privacy App Labels

Using a victim’s email system to promote their attacks to both employees, journalists, and customers could turn that on its head.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us