Wednesday, November 20, 2024
HomeCyber AttackTop 10 Cyber Attack in Great Britain

Top 10 Cyber Attack in Great Britain

Published on

Since society depends on technology more and more, cybersecurity concerns increase as well. The digital world requires good security measures for businesses and organizations to not lose money and reputation.

The United Kingdom ranks fifth for levels of cybersecurity preparation worldwide. However, it still faces numerous struggles. As for 2021, four in ten businesses and 26% of charity organizations had data breaches within 12 months. The number dropped compared to 2020, but it is still a high number of breaches and it has become known that numerous establishments dropped their guard in the last year. The average cost of a breach almost reached £9,000. Phishing remains the main threat in the country, just like almost everywhere in the world.

We have made a compilation of top-10 cybersecurity breaches in Great Britain to discover and learn from.

- Advertisement - SIEM as a Service

#1 Health and Pharmacy Retailer Boots Under Attack

Boots is a British health and pharmacy retailer with chains in the UK, Ireland, Italy, Norway, the Netherlands, Thailand, and Indonesia. In the UK and Ireland alone, they have over 2,500 shops. Their loyalty card program, the Boots Advantage Card, is especially popular, with over 14,4 million users. And it suffered a massive breach in 2020.

The company noticed that there was suspicious activity with bonus points and decided to shut down the program until the problem is found and fixed. As it turned out, the hackers used compromised passwords from the other breaches. Since users tend to use the same passwords for different websites, hackers just use password dumps from one website and use the same logins for banking or, in that case, the loyalty card program. As Boots confirmed, attackers did not get access to the credit cards and, since the suspicious activity was noticed early, not as many loyalty points were wasted. So there was no financial loss but around 150,000 users were contacted and reminded to change their passwords for all their websites.

The problem of “password stuffing” is a great threat in cybersecurity that companies can barely protect the users from. It is the question of digital world literacy. Governments should teach people to not use the same passwords across all websites and be more aware of their vulnerabilities.

#2 Data of Labour Party’s Members Leaked

The Labour party is one of the leading British political forces which is situated on the center-left of the political spectrum.

In 2021, their third-party supplier was hit by ransomware and, as a result, a great deal of data is now inaccessible neither to the supplier nor to the Labour Party itself. The party issued a statement that was pretty vague so there are no details yet. At the moment, it is known that the data, including financial ones, of its current and former members, registered and affiliated supporters were compromised. Some of the people who have never had to do anything with the Labour Party have also received a breach notification which is worrisome and pulls a question of who the political party has the information on.

It was the second time when the party suffered from ransomware and it both came on their third-party suppliers. There is an important lesson to learn: check up not only on your systems but make sure that you choose third parties with strong cybersecurity as well.

#3 National Health Service Suffered a WannaCry Ransomware Attack

The NHS stands for the National Health Service and it is a British healthcare system funded by the public. It is the fifth-largest employer in the world and the main resource for British patients.

In 2017, the NHS systems were attacked by ransomware, WannaCry. This computer virus encrypts the data in the systems and demands payment for decryption. As a result, healthcare establishments could not function well for some time, around 19,000 appointments were canceled, and 200,000 computers were affected. It cost the organization £92 million to deal with the consequences. No hospital paid the ransom though.

The NHS was told about the possible threat a year in advance but they responded to the notification too slowly and did not communicate the plan for the local establishments well. If the simplest cybersecurity measures were in place, the incident would not have happened. Yet, the service used obsolete systems and local entities did not care about cybersecurity much. There was a series of tests that confirmed that no organization has the right IT tools in place and if the attack happened again, they would not survive it.

#4 Breach of Payday Loan Firm Wonga Affected 245,000 Customers

Wonga was a British payday loan company. They were the first ones to use automatic risk processing and they gave away loans via tablet or even mobile phone. However, their interests were too high which was criticized often. It was that and a massive breach that made the company go down.

In 2017, they faced what would become the biggest data breaches in the UK involving financial information. Around 240,00 customers lost their names, addresses, phone numbers, bank account numbers, sort codes, and, in some cases, the last four digits of customers’ bank cards. The company opened a hotline to clear up the incident but it was not enough since too many users were affected. As a result, they had to wait for hours on hold. The company advised everyone to keep track of their bank accounts.

The firm got too many compensation claims to handle and had to close down. This is how negligence can cost you not only a fortune but a whole business.

#5 Data Theft of Over 157,000 Customers During TalkTalk Telecom Group Breach

TalkTalk is a company that provides television, communication, the Internet, and mobile network services to users across the UK. `they have over 4 million customers and a net income of £153 million as of 2020.

In October 2015, the company experienced a historical data breach. One of the consultants at the AntiSocial engineer called the company and explained to its senior engineers how to hack their website. The company did not encrypt information and did not use firewalls. Later that day, customers experienced serious issues with TalkTalk and their website went down. The company informed that they were hit by a massive cyberattack where 156,959 customers’ names, email addresses, and phone numbers were breached alongside 28,000 credit and debit card information. Hackers blackmailed the company afterward.

There were five hackers, aged 16 to 20 years old and they were all arrested. The company had to pay a record £400,000 fine for their failure and also paid back numerous compensations.

#6 Supermarket Giant Tesco Hacked

Tesco is one of the biggest chains in grocery and general merchandise retail and the ninth company in the world by revenue. It was founded back in 1919 and had 5,000 stores as of 2019. They also have famous subsidiaries like booker shops, a bank and a mobile phone operation.

They went through three attacks in the span of 7 years. The most recent hack was in their supermarket chain. Their website and app were down for two days because of the attack and, consequently, customers could not place their orders. Luckily, customer information was not stolen but the chain had 1,3 million orders weekly and a big part of their profit was lost during those two days.

The biggest hack, however, happened with Tesco bank. In 2016, hackers used virtual debit cards and faulty debit card numbers distribution of the bank. The conflict escalated since Tesco did not react to the incident quickly enough, doing nothing for a whole day after they learned about the incident. As a result, 19,000 lost £2.26 million. The company had to pay them back the money and face a £16.4 million fine for their inability to put up better security efforts.

#7 Cyberattack on the Website of the Travel Association ABTA Affected 43,000 People

ABTA is a trade organization for tour operators and travel agents in the UK. They have been on the market for 65 years and their main responsibilities include issuing travel industry standards and schemes of financial protection and protecting consumers.

In 2017, their website was hacked because of a vulnerability in the web server. The IT security of the ABTA itself was fine, it is the third-party host provider who failed. The company needed 16 days to notify everyone about the breach which was a way too delayed response. Around 43,000 customers, including about 650 ABTA members have suffered because of the breach: their email addresses, encrypted passwords, contact details, and full complaints were breached.

#8 Online Services of Lloyds Bank Are Disrupted Due to Cyber Attack

Lloyds bank has an impressive history of 256 years in which they managed to become the biggest retail bank in Britain. It is also one of the “Big Four” banks.

It seems that the year 2017 was unfortunate for the British companies in terms of cybersecurity, and Lloyds Bank suffered as well. They were hit by a DDoS attack where a lot of traffic was streamlined to their website in order to make it go down. The attacker later contacted the bank and offered to stop the attack for $93,600. Luckily, there was no financial loss but customers could not log in to their bank accounts for several days.

#9 Data Breach of British Airways Affected Over 400,000 Customers

British Airways is the biggest airline in Europe, with 254 fleet sizes and 183 destinations to offer to its customers. In 2019, it transported 145,000 customers every day.

In 2018, they suffered a major data breach: their bookings from August to September were compromised. The hack could have been prevented if the company had user roles, put up multi-factor authentication, and tested their services sometimes. They did not even see the attack until three weeks later. In the course of the attack, 429,612 customers and staff were affected: their names, addresses, payment card numbers, and CVV numbers were breached. The Information Commissioner’s Office issued a £183 million fine but it was lowered to £20 million afterward.

#10 Data of 900,000 Customers Was Leaked During Virgin Media Breach

Virgin Media is a telephone, television, and internet provider in the UK that has over 5,42 million customers.

In 2020, they compromised the data of 900,000 users. There was not an attack but a badly configured database. It was a database for marketing purposes, including customer names, home addresses, emails, phone numbers, and product information. There were no passwords or financial information, luckily. The database was up for anyone to access for 10 months before a security researcher notified the company of its mistake. The communication provider shut down the source of a breach immediately. Virgin Media said that the database was accessed by unidentified users at least once.

The company had to face a lawsuit of £4.5billion and numerous compensation claims. This case highlights that sometimes human mistakes can become the cause of the breach, with no attack needed.

Conclusion

Cybersecurity breaches affect businesses and organizations greatly: some have to face huge fines and compensations while others succumb to the pressure and close down. All the breaches could have been prevented if only establishments cared a bit more about their and their contractor’s security. However, it seems some have to learn the hard way before putting up better security measures.

Contributed by Cyberlands.io – offensive & defensive security operations company.

Latest articles

ANY.RUN Sandbox Automates Interactive Analysis of Complex Cyber Attack Chains

ANY.RUN, a well-known interactive malware analysis platform, has announced Smart Content Analysis, an enhancement...

Rekoobe Backdoor In Open Directories Possibly Attacking TradingView Users

APT31, using the Rekoobe backdoor, has been observed targeting TradingView, a popular financial platform,...

Water Barghest Botnet Comprised 20,000+ IoT Devices By Exploiting Vulnerabilities

Water Barghest, a sophisticated botnet, exploits vulnerabilities in IoT devices to enlist them in...

North Korean IT Worker Using Weaponized Video Conference Apps To Attack Job Seakers

North Korean IT workers, operating under the cluster CL-STA-0237, have been implicated in recent...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

ANY.RUN Sandbox Automates Interactive Analysis of Complex Cyber Attack Chains

ANY.RUN, a well-known interactive malware analysis platform, has announced Smart Content Analysis, an enhancement...

Hackers Hijacked Misconfigured Servers For Live Streaming Sports

Recent threat hunting activities focused on analyzing outbound network traffic and binaries within containerized...

Volt Typhoon Attacking U.S. Critical Infra To Maintain Persistent Access

Volt Typhoon, a Chinese state-sponsored threat actor, targets critical infrastructure sectors like communications, energy,...