The idea persists among enterprise network security specialists that a single vulnerable point, or an unsuspecting employee, is sufficient for hackers to get access to an organization’s infrastructure. British shipping company Clarksons PLC reinforced this idea after discovering a data breach this week suffered between May and November 2017.
The shipping company issued a press release on July 30 to notify any affected person that the enterprise was the target of a cyber security incident in which an unauthorized third party accessed certain Clarkson PLC information systems in the UK, then copied data and demanded a ransom for his safe return.
As soon as they acknowledged the incident, Clarkson PLC started an enterprise network security investigation and took steps to respond to incidents and mitigate risks. The steps the enterprise took, according to the press notice, were: notify the regulators, work with external forensic investigators and inform the police authorities.
Clarksons found through the investigation that the attacker had accessed its systems at some point from May 31, 2017. According to reports, this malicious agent obtained access to personal data from an unspecified number of individuals.
The data, which the perpetrator copied and demanded ransom for return, included: date of birth, contact information, medical information, tax information, insurance information, social security number, resume, driver license information, bank account data, passport information, payment card information, ethnicity, digital signature, financial information, and criminal background information.
The company found that unauthorized access was obtained through a single, isolated user account. Upon discovering this access, Clarksons immediately disabled this account. Through research and legal action, Clarkson was able to successfully obtain and recover a copy of the data that was illegally stolen from its systems. Clarksons is now cautiously notifying individuals who could have been affected by this data breach.
Enterprise network security specialists from the International Institute of Cyber Security report that right after knowing about the breach, Clarksons improved their security measures and is now providing potentially affected people with information about this event and the additional steps they can take to better protect their personal information. The company also offers potentially affected individuals access to a year of identity protection services for free.