Clarksons PLC recently announced that it suffered a data breach and warned that hackers might release stolen information soon. The UK shipping services provider did not disclose the size or type of the compromised data, or if any of it belonged to its customers.
Clarksons said on November 29 that initial investigations revealed that the attacker used a single and isolated user account to gain unauthorized access. The said account was quickly disabled. The company assured that they have already put in place additional security measures to prevent a similar incident happening in the future.
Clarksons reportedly did not give in to a speculated ransom demand from the hackers. The company implied that this was the case by saying they would “not be held to ransom by criminals.”
In its announcement, the company warned that hackers might release some of the stolen information. The company did not provide any details on the affected data, only referring to the stolen information as “confidential” and that “lawyers are on standby wherever needed to take all necessary steps to preserve the confidentiality in the information.”
Clarksons is now working with police authorities and security experts and has notified the regulators.
Mitigation and Solution
While data breaches can certainly damage an organization's reputation and bottom line, the owners of the stolen data are exposed to the most risk. Here are some tips on how to prevent and defend against data breaches:
Double check any information that goes into public cloud storage and ensure that these services are properly configured.
Avoid paying attackers, as these will not solve the issue and will often exacerbate it. Instead, organizations and affected parties should work with legal authorities and security experts.
Create a contingency plan that addresses potential security incidents and inform customers and partners of the incident, as well as the steps being taken to mitigate its impact. User notification is a standard of data breach notification laws worldwide, such as the EU General Data Protection Regulation (GDPR).
Users can also protect themselves by monitoring their accounts for signs of potential abuse. If there is any suspicious activity, consider changing passwords and replacing credit cards.
Organizations that rely heavily on cloud storage can look into the use of multilayered solutions such as Trend Micro™ Hybrid Cloud Security, which delivers a blend of cross-generational threat defense techniques optimized to protect physical, virtual, and cloud workloads.
Like it? Add this infographic to your site: 1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).