Saturday 11th May 2024
Aidan Dickenson
Good morning everyone, thank you for joining me for today's edition of Cyber Daily. What an eventful week it's been, with events in the press yesterday topping it off.
From schools grappling with cybersecurity breaches to a major healthcare system under cyber siege and a tech giant investigating a data leak, there’s plenty to catch up on. Let’s get into it.
School Cybersecurity Breach Exposes Vulnerable Data
IT systems at around 330 UK schools were hacked last year, potentially exposing sensitive information and photographs of children to the darkest corners of the internet. Experts believe these breaches could lead to the sale of private student data online, including contact details and records on vulnerable students. The Information Commissioner’s Office (ICO) revealed that nearly 3,000 UK organisations fell victim to cyberattacks in the past year, with 11% of those affecting the education sector.
The attacks highlight a critical lack of investment in cybersecurity across educational institutions, often leaving systems open due to weak passwords and outdated software. Tight budgets have pushed schools to rely on donated computers with obsolete security measures, and shared IT resources further exacerbate the vulnerabilities. Stephen Bonner, ICO deputy commissioner, warned that many organisations are neglecting the basics of cybersecurity.
Professor Alan Woodward of the University of Surrey explained that hackers often seek monetary gain from such data, noting grimly that child data can be valuable on the dark web. He emphasised the irony of schools teaching children about online safety while potentially leaving them exposed through insecure networks.
The Department for Education insists it provides cybersecurity support and claims school funding is at its highest level ever. However, with experts sounding the alarm, it’s clear that more must be done to safeguard student data.
Cyberattack Disrupts Major Healthcare System Ascension
Ascension, a leading U.S. healthcare provider with 140 hospitals across 19 states, faced significant disruption due to a cyberattack this week. The breach affected key systems like electronic health records, MyChart (a patient portal), phone lines, and systems used for ordering tests and medications. This left some facilities unable to provide emergency care, forcing ambulance diversions to other hospitals. Non-emergency procedures, tests, and appointments have also been postponed.
The health system, headquartered in St. Louis, detected unusual network activity on Wednesday and immediately launched an investigation, acknowledging that restoration efforts could be time-consuming. Ascension, which also operates 40+ senior living facilities, emphasised the need for patients to call 911 for emergencies and rely on local EMS to identify alternative care options.
The attack on Ascension is part of a broader trend of hackers targeting healthcare organisations. Earlier this year, a ransomware attack on Change Healthcare, a UnitedHealth Group subsidiary, disrupted pharmacy billing nationwide and compromised the personal data of millions of Americans. UnitedHealth had to pay $22 million in ransom to secure its systems.
Cybersecurity remains a critical issue in healthcare, with this latest attack emphasising the need for stronger measures to protect sensitive data and ensure continuity of care.
Dell Investigates Data Breach Impacting Customer Info
Dell Technologies announced it is investigating a data breach that exposed limited customer information through a company portal. While the breach didn't reveal highly sensitive data, it did compromise names, addresses, hardware details, and order specifics, including service tags, descriptions, and warranty info. Payment details, email addresses, and phone numbers were not affected.
Dell assured customers there is no significant risk due to the breach's limited nature and emphasised its dedication to privacy. The company quickly activated its security protocols, contained the breach, and notified law enforcement. Additionally, a third-party forensic firm was brought in for further investigation. Dell urged customers to be alert for tech support scams and suspicious activity and report issues to [email protected].
However, cybersecurity experts noted that a threat actor claimed to possess a database containing personal data of nearly 49 million Dell customers and employees. This could expose names, email addresses, purchase histories, and product details, which might facilitate phishing, scams, and identity theft. The breach also included some employee records.
Despite the lack of financial information, this data can still be exploited in credential stuffing, social engineering attacks, and other schemes. Experts emphasise that even seemingly harmless data can be leveraged for nefarious purposes, underscoring the importance of transparent communication and robust cybersecurity practices. Dell's proactive response aims to uphold customer trust while prioritising data privacy amidst evolving cyber threats.