The transport industry is a high profile target for cybercriminals after both British Airways and Air Canada were struck by data breaches that potentially affected hundreds of thousands of their customers.
The UK carrier’s incident included the theft of “personal and financial details” from bookings through ba.com or its app, compromising around 380,000 people between August 21st and September 5th.
In Air Canada’s attack, which the company shut down after noticing “unusual login behaviour” over a two-day period in August, was focused on its app that is used by around 1.7 million people. Air Canada said in region of 20,000 profiles were “improperly accessed” and it began to contact affected parties directly.
Air Canada required all of its customers to reset passwords with a more “robust” alternative as a preventative measure and attempted to allay fears of a further breach by locking all Air Canada mobile app accounts after the end-of-August attack.
“We detected unusual login behaviour with Air Canada’s mobile App between Aug. 22-24, 2018. We immediately took action to block these attempts and implemented additional protocols to protect against further unauthorized attempts,” read a statement on the Canadian company’s website.
BA, Marriott Face Massive Fines For Data Loss
If proof was needed that poor data protection is bad for the corporate wallet, two examples have demonstrated that substantial fines face those organisations that have lax data security.read more
Cumbria First Police Force To Utilise NMC Tools
Cumbria Constabulary has become the first police force to use the National Management Centre (NMC) for cybersecurity set up under the National Police Chiefs’ Council (NPCC).read more
Phishing Attacks Bypassing 2-Factor Authentication
Penetration testers and attackers have a new tool in their arsenal that can be used to automate phishing attacks in a way that defeats two-factor authentication (2FA) and is not easy to detect and block, reports CSO Magazine.read more
Third of Breaches Caused By Unpatched Vulnerabilities
IT security professionals have admitted that a third of cybersecurity breaches are the result of vulnerabilities that they should have patched.read more