Our website makes use of cookies like most of the websites. In order to deliver a personalised, responsive and improved experience, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. These cookies are completely safe and secure and will never contain any sensitive information. By clicking continue here, you give your consent to the use of cookies by our website.

Monday, 21 November 2016 17:07

Three data breach - hacker from outside, or employee gone bad?

Posted By 

A few thoughts from Barry Scott, CTO EMEA at security company Centrify on the latest data breach news coming out of mobile network Three, if you plan to cover it:

“Valid credentials were used for the Three data breach, but was the perpetrator a hacker from outside, or an employee gone bad? The extent of the breach is currently unclear – was the stolen data a list of customers eligible for an upgrade, or was it an entire customer database? Maybe only the data of those people eligible for an upgrade has been used so far? Has data not used for the phone upgrade scam made its way onto the dark web, where it may be used for future phishing and hacking attacks?

Compromised credentials are the cause of many major breaches, and the way into the target network is often through trusted third-party suppliers or contractors who are breached first, and may not have such rigorous security as the real target.

Should the user whose credentials were used have had access to whatever data was stolen? Corporate networks often allow far too much access, to too much data, and to too many systems, rather than only allowing the access appropriate for someone’s job.

Multi-factor authentication, where entering a password is combined with other authentication methods, such as acknowledging a notification on your phone, can be used to stop the use of stolen credentials, and full session recording acts both as a strong deterrent to insider threats and a great tool for forensic analysis.

Three should advise affected customers how they can protect themselves against repercussions of this breach. Changing passwords, especially if using the same one on different websites, is often advised and people should have a heightened awareness of suspicious activity on bank accounts, and be especially vigilant for phishing mails.”

Leave a comment

Make sure you enter the (*) required information where indicated. HTML code is not allowed.

IBM skyscraper2

datazen side

Most Read Articles