Welcome back to our latest series covering data breaches, cyber-attacks, and more each month. Breach Breakdown is your go-to source for recapping all incidents and staying up to date on the solutions. August had its fair share of reported cases, with breaches impacting:
Fog Ransomware
As of August 2024, CYFOR has reported the first instance of ‘Fog’ ransomware migrating to the UK, previously targeting U.S. education and recreation sectors. This expansion underscores the rising global threat and the need for robust cybersecurity. But who are Fog? Read more from the CYFOR Team below.
Read more here
NHS Breach Fine
Advanced Computer Software Group, an IT provider for NHS and social care, may face a £6 million fine after a ransomware attack exposed sensitive data and disrupted services. The ICO’s findings point to serious lapses, including the lack of multifactor authentication, affecting nearly 83,000 individuals. Read on below.
Full story here
UK Polling Breach
The UK’s data watchdog found that millions of voters’ personal information was exposed due to unchanged passwords and outdated software. The ICO formally reprimanded the Electoral Commission for this breach, which allowed cyber attackers to access voter data from August 2021, including details of those not publicly available. Discover more below.
Full Piece here
Microsoft Copilot Studio
A critical vulnerability in Microsoft’s Copilot Studio, used for creating AI chatbots, exposed sensitive cloud data across multiple tenants. Researchers found an SSRF bug allowing unauthorised access to internal services like IMDS and Cosmos DB. Though now mitigated, this flaw highlights risks in cloud environments. Learn more through the link below.
Read more hereWant to learn more? Episode Three of Breach Breakdown can be found here.