Cyber Brief for CFOs: August 2024

Cyber Brief for CFOs: August 2024

Each month, the team at Eftsure monitors the headlines for the latest accounts payable (AP) and security news. We bring you all the essential stories in our cyber brief so your team can stay secure.

Survey reveals widespread ignorance of payment fraud risks

A recent survey has revealed that many companies remain unaware of the risks associated with payment fraud, despite the increasing prevalence of sophisticated scams such as AI-driven deepfakes. The findings indicate a concerning gap in awareness and preparedness, leaving many organisations vulnerable to financial losses.

Interpol recovers over $40 million from international email scam

In a major victory against cybercrime, Interpol recently recovered over USD 40 million in funds stolen through an international email scam. The operation, which spanned 103 countries, targeted business email compromise (BEC) schemes where cybercriminals infiltrated legitimate email accounts to defraud victims.?

It’s a massive win, but it’s worth noting that it’s also the product of an international, coordinated effort. When it comes to online cybercrime and scams, asset recovery is notoriously difficult (and rare). In our conversation with cyber investigator Ken Gamble, he explains why international cybercrime tactics and splintered jurisdictions make it difficult to recover stolen funds.

Banks on high alert for cyber warfare risk

Amid rising geopolitical tensions, Australian banks have been warned of an increased risk of cyber warfare. As critical infrastructure, financial institutions are prime targets for state-sponsored cyberattacks, making it essential for banks to bolster their defences and prepare for potential disruptions.

National Public Data breach exposes info of 2.9b people

In a massive data breach that one expert has called “astounding,” hackers gained access to information held by National Public Data (NPD), a data aggregator that provides background checks.?

The breach has exposed the personal information of over 2.9 billion people, a much bigger number than the US population. But it’s not just the number of people impacted – the breadth and sensitivity of the data is even more worrying. Documents from a lawsuit revealed that the hackers stole unencrypted data, including social security numbers, home addresses, phone numbers, and dates of birth. They then released much of this sensitive information on the dark web.

While the NPD breach stemmed from an incident dating back to December 2023, it appears its sister property – recordscheck.net – was also storing plaintext passwords (that is, unencrypted and easily readable passwords) through a back-end database in a file that was easily accessible from its homepage. Read the full story.?

ADT data breach exposes over 30,000 customer records

American building security giant ADT has confirmed a data breach affecting over 30,000 customers after threat actors illegally accessed databases containing customer information. The firm, which serves approximately 6 million customers across 200 locations in the US and has an annual revenue of $4.98 billion, disclosed the breach in a Form 8-K regulatory filing with the Securities and Exchange Commission (SEC).

The exposed data includes limited customer information such as email addresses, phone numbers, and postal addresses. ADT stated that there is no evidence that customers’ home security systems were compromised or that credit card and banking information was stolen. Read the full story.

Jacqueline Monk

Special Counsel at Walter Baden | Business Lawyer

3 个月

Great content on how AI is changing the threat landscape in cyber security! Interesting to learn that attackers are now compromising email systems of both the target organisation and a supplier to facilitate fraudulent payments. I found the key takeaways around establishing a 'synthetic media response strategy' really helpful.

要查看或添加评论,请登录

Eftsure的更多文章

社区洞察

其他会员也浏览了