Three Mobile have admitted suffering a data breach, a breach that could put at risk the personal details of up to 6 million customers. The hackers successfully gained access to the Three Customer Upgrade Database by using an employee login. Three have admitted that details from 130,000 of their customers is known to have been stolen.
The migration towards cloud applications and away from in-house legacy desktop applications is a trend fundamentally driven by the lower total cost of ownership web solutions offer. New cloud alternatives are replacing on-premise solutions, but it is not happening overnight. The prospect of replacing all on-premise applications with cloud solutions in one fell swoop would bring most organisations to a standstill, so while the ultimate goal for many companies is to migrate to the cloud, the reality is that there will be a mix of cloud and legacy applications in use for the foresable future.
Half a billion user records have been stolen from Yahoo, in what the company have called a "State Sponsored" hack. Yahoo's belief that it's the victim of a state sponsored hack has been questioned by some commentators, not least Yahoo's former engineering Infosec chief, Jeremiah Grossman, who suggested that "State-sponsored adversaries don’t typically publicly share stolen data or sell it".
Data breaches make the headlines when they affect big brands, but 90% of all large organisations now admit to having been hacked*. While the average cost of a data breach is not pocket change at £2.3m, the biggest damage is reputational – for both the company and the C-Level execs who take the blame and lose their jobs.
With the last 12 months being a bumper year for hacks, we wanted to take a look back at the 10 most disastrous UK data breaches, spanning the last 10 years:
It’s been reported there has been a security breach at one of our competitors, OneLogin, where a hacker has been able to access customer 'Secure Notes'.
Accountancy software firm, Sage, has suffered a data breach, in which "personal details and bank account information for employees of as many as 300 large UK companies may have been compromised."
Sage announced that they were "investigating unauthorised access to customer information using an internal login”. City of London police are currently investigating to determine who was responsible.
We are delighted to announce that My1Login has been selected as a G-Cloud 8 supplier – the UK Government procurement framework for public-sector bodies.
My1Login’s Identity & Access Management solution is now available to procure through this latest framework agreement on the Digital Marketplace.
Data breaches where user credentials have been stolen and leaked online are all too common, and the aftermath follows the same pattern. The Service Provider will investigate, invalidate the affected login credentials and require users to reset passwords. But, what happens when credentials are stolen from applications that are no longer in use in your organisation, applications that were probably long abandoned? There's no action required and no need to be concerned, right?