As you could probably tell from our previous blog posts, there have been quite a lot of breaches this year already. We are only coming up to the middle of the year and we have already seen huge breaches resulting in losses of financial and personal data, funds, and more. Cyber attackers have continued to become more ruthless in their methods and constructed threats, and those lacking in security are learning that first hand. In yet another breach to add to the tally, though a minor one, the financial services organization Old Mutual has now been hit.
Old Mutual had begun notifying their customers of the breach after discovering that there had been unauthorized access to one of its systems. The perpetrator had accessed the personal information of a somewhat smaller customer group within South Africa, and this included names, telephone numbers, and a portion of investment values. They said that the breach did not result in any financial losses and that there was no access to credit card or bank information, transaction data, passwords, or medical data. Upon discovering the breach, Old Mutual had immediately closed the access point, and control processes had kicked in to protect more critical data. They also said that they have taken further action to improve security and systems and that they have continued to remain vigilant. The firm had then gone about contacting all potentially affected customers, as well as alerted them to watch for fraudulent contact. There does not appear to be any reports regarding whether the source of the breach was identified.
Old Mutual’s Handling of the Breach
Even with this being a somewhat minor incident in comparison to what could have been, it appears that Old Mutual is taking it extremely seriously. This is a very smart way to approach it, as it not only ensures that their customers see that they are handling it but also displays the fact that addressing it is important to them. They said in a statement, “We would like to sincerely apologize for any concern this may raise with our customers. We view this case in a very serious light – one customer is one too many. We assure you we are conducting stringent reviews to ensure that no incident of this nature is repeated.” Many organizations would likely take a much more lazy approach to this type of breach and treat it as a relatively unimportant issue simply because no financial data was affected. But, any breach can be a danger to an organization, and they must be treated and handled as such.
Handling a Data Breach with Cyber Investigation Services
When an organization is victimized by a cyber attack/data breach, there comes the matter of addressing the direct vulnerability, as well as attempting to trace the source. When a perpetrator is able to compromise data, it is vital to attempt to identify them and mitigate the spread or use of that data. There is a multitude of different aspects of a breach that need to be reviewed and evaluated for this purpose, which is where cyber investigation services are beneficial. Many organizations may not know where to begin when it comes to investigating a breach, and outside help must be recruited. Thorough cyber investigation services will be able to discover how the breach was achieved, as well as trace the perpetrator so that further actions can be taken. This could include simply eliminating the malicious campaign or pursuing legal measures. Massive Alliance’s comprehensive cyber investigation services can help an organization to mitigate data breaches and cyber attacks.