Contractor Database Leak Exposes 500K Irish Police Vehicle Seizure Records

By Waqas
This marks the fourth data security incident to affect a UK police department in 2023.
This is a post from HackRead.com Read the original post: Contractor Database Leak Exposes 500K Irish Police Vehicle Seizure Records
Continue reading Contractor Database Leak Exposes 500K Irish Police Vehicle Seizure Records

Northern Ireland’s Top Police Officer Apologizes for ‘Industrial Scale’ Data Breach

Northern Ireland’s top police officer apologized for what he described as an “industrial scale” data breach in which the personal information of more than 10,000 officers and staff was released to the public.
The post Northern Ireland’s Top Polic… Continue reading Northern Ireland’s Top Police Officer Apologizes for ‘Industrial Scale’ Data Breach

Irish Police Data Breach Rattles Northern Ireland’s Security Landscape

By Habiba Rashid
The Police Service of Northern Ireland (PSNI) experienced a severe security breach, unintentionally revealing personal details of its entire workforce, including officers and civilian staff.
This is a post from HackRead.com Read the or… Continue reading Irish Police Data Breach Rattles Northern Ireland’s Security Landscape

Dublin Airport staff pay details stolen by hackers after MOVEit attack at third-party provider Aon

Staff at Dublin Airport have been warned that their personal data has fallen into the hands of hackers, following a data breach at a third-party service provider.

Read more in my article on the Hot for Security blog. Continue reading Dublin Airport staff pay details stolen by hackers after MOVEit attack at third-party provider Aon

Meta Fined €265 million in Facebook Data Scraping Case in the EU

By Habiba Rashid
The incident led to the publication of data on Irish police, sitting judges, prison officers, social workers, journalists, and others, leading to a spike in scam calls and texts in Ireland.
This is a post from HackRead.com Read the ori… Continue reading Meta Fined €265 million in Facebook Data Scraping Case in the EU

On the Irish Health Services Executive Hack

A detailed report of the 2021 ransomware attack against Ireland’s Health Services Executive lists some really bad security practices:

The report notes that:

  • The HSE did not have a Chief Information Security Officer (CISO) or a “single responsible owner for cybersecurity at either senior executive or management level to provide leadership and direction.
  • It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event.
  • Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system. Antivirus software triggered numerous alerts after detecting Cobalt Strike activity but these were not escalated. (The antivirus server was later encrypted in the attack).

Continue reading On the Irish Health Services Executive Hack