Cyber Bytes banner RPC law

Cyber_Bytes - Issue 25

05 November 2020. Published by Richard Breavington, Partner and Rachel Ford, Associate and Ridvan Canbilen, Associate

Welcome to Cyber_Bytes, our bi-weekly round up of key developments in cyber, tech and evolving risks.

£18m ICO fine for Marriott Hotels  

The ICO have fined Marriott International an estimated £18.4 million for failure to secure millions of its customers' personal data. The access resulted from a piece of code installed onto a device in 2014 ultimately creating an unrestricted access point to Starwood's systems. The attack remained undetected until September 2018 by which time Starwood had been acquired by Marriott. 

To read more, please click here

Maze Ransomware Group Closes 

The ransomware group, Maze, has officially closed. Maze gained notoriety for encrypting a victim's data and threatening to publish stolen files, often on the Dark Web, unless a ransom was paid following a ransomware attack. A public statement along with a variety of stolen data has been posted to the Dark Web announcing Maze's official closure. 

To read more, please click here or here.

Nando's data breach     

Hackers have targeted thousands of customers' accounts to place large orders with the popular chicken restaurant. Nando's have confirmed that whilst their internal systems remain intact, some individual customers accounts were compromised. The restaurant has promised to reimburse those affected and improve the detection of fraudulent activity.  

To read more, please click here.

Russia face UK sanctions for involvement in cyber-attack on German Parliament 

The UK government has enforced new sanctions including asset freezes and travel bans against Russia for alleged involvements in a 2015 cyber-attack that affected the German federal parliament. The UK government has publicly announced the sanctions are a clear direct message to Russia that there are consequences for undertaking malicious cyber activity.  

To read more, please click here.

Energy Networks Association (ENA) launch new Cyber Security Guidance 

The ENA has published guidance for the energy sector to help mitigate the risk of a cyber-attack. The guidance aims to support distributors in connecting to the grid securely without unknowingly compromising the wider network.  

To read more, please click here.