Issued Date: July 20, 2023 Agency/Authority: Homeland Security and Emergency Services, Division of Objective To assess the extent of implementation of the two recommendations included in our initial audit report, Cyber Incident Response Team (Report 2020-S-58). About the Program Cybercrimes continue to rise. According to the Federal Bureau of Investigation (FBI), complaints of phishing and similar cyberattacks often…
Category: Government Sector
UK Electoral Commission had an unpatched Microsoft Exchange Server vulnerability
Kevin Beaumont writes: You have have read about the hack of the Electoral Commission recently. In this piece we take a look at what happened, show they were running Microsoft Exchange Server with Outlook Web App (OWA) facing the internet, and the unpatched vulnerability that presented. The Electoral Commission ran Microsoft Exchange Server on IP…
Cumbria Police admits huge data breach as names and salaries of staff published online
Jon Macpherson reports: Another police force has admitted a data breach after the names and salaries of all its staff were accidentally published online. Cumbria Police said that on March 6 it found out information about pay and allowances had been uploaded on its website following a “human error”. The force’s admission comes after an…
CT: New Haven Board of Education victim of $6 million cyber theft
Doug Stewart reports: The city of New Haven suffered a $6 million theft in a cyber attack earlier this year it was announced Thursday. To date, law enforcement officials have recovered over half the money. Officials said the cyber attack targeted the Board of Education’s Chief Executive Officer and Chief Operating Officer in what was described…
Russia ‘prime suspect’ in cyber attack which saw names and addresses of 40M UK voters exposed – reports
Imogen Howse reports: Russia is suspected to have been behind a cyber attack which exposed the data of tens of millions of voters in the UK, raising fears it was an attempt to undermine democracy. The Electoral Commission admitted on Tuesday (8 August) that hackers had been able to access reference copies of electoral registers from between the years…
Outrage at massive police data breach that saw the personal details of more than 10,000 PSNI officers and staff accidentally published online
Daisy Graham-Brown reports: Police in Northern Ireland have been involved in a data breach ‘of monumental proportions’ affecting thousands of officers and civilian staff. The major breach reportedly involves names, ranks and other personal data from employees of the Police Service of Northern Ireland (PSNI), but does not involve the officers’ and civilians’ private addresses, it is…