Yesterday, nearly 500,000 members of the UK’s Universities Superannuation Scheme (USS) were left vulnerable after an attack on outsourcing firm Capita. The firm handles a range of administrative functions for the USS including finances, HR, and member benefits. Details of the attack remain scarce, but Capita is said to have taken immediate action on discovery of the breach. At present, it is not known what information hackers may have accessed during the attack.
This latest attack on the USS comes at a time when data breaches are affecting an increasing number of organizations worldwide. According to a recent report, the average cost of a data breach for organizations globally now stands at $3.86m, with the UK having one of the highest costs at $4.9m. The report also highlights that the cost of breaches is rising year on year, with a 6% increase in 2021 alone.
Meanwhile, the US Department of Transportation’s transit benefits program, TRANServe, has also suffered a data breach. The attack reportedly occurred in May, with the agency only discovering the breach in July. However, the Department has said that it has no evidence to suggest that any personally identifiable information was accessed. Nonetheless, all users of the program have been advised to change their login credentials as a precaution.
In other news, a joint investigation has been launched by the UK’s Information Commissioner’s Office (ICO) and Ireland’s Data Protection Commission (DPC) into the recent data breach suffered by Latitude Finance. The investigation will assess the extent of the breach, what information has been accessed, and the steps that the company has taken to address the issue. Latitude, a digital payment provider, is believed to have suffered a significant breach, with sources saying that the company’s entire customer database may have been accessed.
Meanwhile, in the Philippines, the country’s National Privacy Commission (NPC) is investigating complaints from users of the mobile payment service GCash. The NPC has received reports from users that their accounts have been accessed without their authorization, leaving them open to fraud and financial loss. The investigation is ongoing, but the NPC has already advised all GCash users to be vigilant and to change their login details where necessary.
The increasing number of data breaches globally highlights the need for organizations of all sizes to improve their cybersecurity practices. Experts suggest that organizations must take a proactive approach to cybersecurity, rather than waiting until an attack occurs to take action. This includes implementing the latest security software, providing regular cybersecurity training to staff, and conducting regular risk assessments and vulnerability testing.
In conclusion, breaches of personal data are becoming increasingly frequent and widespread. It is vital that organizations take stock of their cybersecurity measures and ensure that they are adequately protected against these types of attacks. Failure to do so not only leaves sensitive data and personal details vulnerable, but it also poses significant reputational and financial risks. Organizations must act now to minimize the risks and protect their data and customers from harm.