Has your data been a casualty of a recent data breach?

Posted 28th February 2023

Data breaches have become increasingly common in recent years and are affecting more and more people every day.

Many small businesses have also been affected; such breaches and cyber-attacks can cause devastation.

We have collated some of the recent data breaches that have significantly impacted individuals and businesses. 

The Pope's Website - Reportedly Hacked  

In November 2022, Pope Francis' website was removed from the internet after cyber hackers reportedly attacked it. It was suggested that Vatican officials had identified abnormal attempts to try to enter the website, and it was offline for a number of hours whilst they investigated the issue.

Air France and KLM Flying Blue Customer Accounts Hacked  

Air France and KLM recently had to notify their Flying Blue loyalty scheme customers that an undisclosed amount of their personal information was exposed by and to hackers after a cyber-attack. Whilst it is believed that no air miles were stolen in the attack, Flying Blue users were advised to change their password immediately.  

Aflac and Zurich insurance policyholders in Japan targeted  

In Japan, more than 1.3 million cancer insurance policyholders with Aflac had their personal information released onto the dark web following a hack on a third-party contractor. Also, around 760,000 Zurich car insurance policyholders in Japan were similarly affected. Personal data released onto the dark web included policyholders' last names, ages, gender, and insurance details, including reference numbers, the amount of coverage they had, and the cost of their policy.  

Database of Romanian hospital encrypted in a ransomware attack  

In December 2022, hackers targeted the Saint Gheorghe Recovery Hospital in Botoşani, Romania, with a ransomware attack. The attack, unfortunately, meant that medical services at the hospital were affected. The hackers could access a database held in one of the hospital's departments by using a remote connection used by a maintenance company that worked with the hospital. The hackers were able to encrypt the database and disable it for use. They demanded a ransom of 3 Bitcoin, or approximately EUR 46,400, to unencrypt the database. With its database out of use, the hospital could not accurately report on the services it performed in December. It, therefore, could not receive the funding for them from suppliers. 

Royal Mail cyber-attack carried out by a Russian-linked ransomware gang.  

A ransomware gang with links to Russia reportedly carried out a recent Royal Mail cyber-attack. The attack suspended international postal deliveries and disrupted many customers in the UK. The gang is called Lockbit, and they infected machines in Royal Mail sorting offices that print customs labels for parcels being sent abroad. The attack was devastating and meant that more than half a million parcels and letters were stuck in limbo and unable to be shipped. Lockbit is known to have a signature ransomware, known as Lockbit Black, which scrambles computer files and demands payment in cryptocurrencies that are incredibly hard to trace in exchange for unscrambling them.

Sensitive data about students at Cambridge University Students' Union was shared online for many months after being reported. 

Sensitive data relating to Cambridge University students continued to be shared with students running elections on Cambridge Students' Union's voting platform - months after the issue was initially raised. It has been suggested that the issue took around nine months to resolve. The data included information about students' gender, race, sexuality and disabilities. It was erroneously made available to students running elections on the platform without the prior knowledge of the students who provided the data in good faith. 

Yum! Brands, who operate KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill restaurant chains in the UK, have been targeted by a ransomware attack. 

In January 2023, Yum! Brands confirmed that data was stolen in a recent cyber-attack but didn't see any evidence that customer information had been exposed. However, the attack did cause 300 UK restaurants to close briefly after the attack. 

JD Sports Hacked, and up to 10 million customers have been affected. 

Sports and fashion chain JD Sports has revealed that the sensitive and financial information of up to 10 million of its customers was possibly accessed by hackers in a cyber-attack. The incident was reported in January 2023, although it is unclear when the attack occurred. It appears to have affected numerous online orders placed.

Find out how to keep your business data secure,book a cyber security call with Lee Pepper.