…..exposes 13,000 Emails.
Interesting read as reported by V3 today.
Edinburgh Council has already been subjected to a Data Breach, back in 2011, when financial details of people seeking debt advice were compromised.
It’ s unlikely that we will find out the exact details of this recent attack, however, it would be interesting to learn if there were any steps taken back in 2011 to help Edinburgh Council implement some form of Cyber Security regime.
Implementing just the basics, like Cyber Essentials is a step in the right direction, and moving to an internationally recognised compliance model, such as ISO27001 certification, or PCI DSS compliance will ensure that strict controls are in place to help prevent compromise from many of the attack vectors.
A major risk factor will always remain with your employees, and it is beyond what we know about this recent cyber attack to speculate that it might just have been a user error or a member of staff not following a guideline or process.
Click on the link to read the full article. //www.v3.co.uk/v3-uk/news/2417100/edinburgh-council-cyber-attack-exposes-13-000-email-addresses
If you would like to discuss some simple and cost effective ways that you can enhance your security, please get in touch.