Tailoring Cyber Tabletop Exercises for Banking & Finance Institutions

Date: 23 April 2024

Featured Image

The Banking and Finance Sector is amongst the top targets of cyber criminals - for obvious reasons. Sensitive customer data, high-worth transactions, critical banking operations and a tremendous amount of reputation damage with one cyber-attack.

The stakes in this industry are as high as they get, in financial and theatrical terms - a mix that the advanced criminal tends to love. This is why Cybersecurity Tabletop Exercises (or Cyber Security Drills) for the Banking and Finance sector have quickly become a top priority.

In this blog, we’ll take a quick look at: 

  1. The Major Cybersecurity Challenges of the Banking and Finance Sector
  2. Why are Cyber Drills Critical for this Industry? 
  3. Tailoring Cyber Tabletop Exercises for the Banking & Finance Sector
  4. Major Cyber Attacks in the Banking and Finance Sector in recent past

Major Cybersecurity Challenges of the Banking and Finance Sector 

The financial industry is extremely sensitive to the repercussions of a security incident. A single breach can lead to catastrophic financial losses for the business and its customers. Legal challenges quickly follow and can severely jeopardise business reputation for years to come.

In fact, the new EU DORA regulation is specifically focussed on digital operational resilience of banking and finance entities in the EU in case of a cybersecurity event. The regulation comes into force in less than 10 months and draws our attention to just how critical cybersecurity in financial industry is.   

With the increasing digitisation of financial services, from online banking to digital transactions, the sector has become more vulnerable to cyber attacks than ever before. Moreover, the rise of fintech and the proliferation of mobile banking applications have introduced new threats in the already complex digital landscape. 

The top challenges and types of attacks that this business sector faces include: 

  • Malware and ransomware attacks that can cripple entire systems
  • Customer Data Breaches
  • ATM Fraud
  • Fraud and pilferage associated with Banking PINs, OTPs etc. 
  • Sophisticated phishing schemes aimed at obtaining sensitive information 
  • Insider threats, whether intentional or accidental 

cyber tabletop scenarios

Why are Cyber Tabletop Exercises for the Financial Sector so Important? 

The Banking and Finance industry has always needed to prioritise cybersecurity , recognizing that a robust defence mechanism is not just about protecting data, but also about safeguarding the integrity of the financial system.

A single data breach in this sector can mean significant amounts of sensitive financial and personal information of customers being compromised. This leads to immediate loss of customer trust and business reputation. Business continuity is also critical for the industry to function seamlessly and retain its customers. 

However, only strategy and documents aren’t enough. The finance industry has to accelerate the pace at which it works on its Cyber Incident Response. 

Having effective cyber incident response plans is the first step in this direction. But it’s equally important to test and measure the effectiveness of these plans. Security team members need to build muscle memory for these plans and become better aware of their individual roles and responsibilities through regular cyber tabletop exercises

The DORA regulation, as discussed above, also underlines the importance of scenario-based testing of Digital Operational Resilience of financial entities.  

All of this may sound overwhelming, but it doesn’t have to be so complicated. This blog will help you understand how to conduct a successful tabletop exercise for the banking and financial sector. Using past attacks on the sector, covered later in the blog, you can create a cyber attack scenario suited to your business. You might also want to get started by downloading our Cyber Tabletop Exercise Template document which shows you how to create your own bespoke cyber simulation drill. 

Cyber Tabletop Exercise Template

Tailoring Tabletop Exercises for the Banking and Financial Sector

Customising tabletop exercises for the banking and finance sector involves understanding the unique landscape of cyber threats in this domain. At Cyber Management Alliance, we firmly believe in creating bespoke tabletop exercises that specifically address the challenges of our clients’ business and industry. This means incorporating scenarios that reflect actual risks faced by banks, such as data breaches, fraud, and service disruptions. 

Take a look at our Top 30 Cyber Attack Tabletop Exercise Scenarios document for a comprehensive idea of attack scenarios and threat actors you must rehearse for. This document also contains a list of the top 20 asset categories that must be prioritised.  

Here are some of the most important factors to consider when designing a cyber security drill for this sector: 

1. Realistic Scenario Development: Developing realistic scenarios is crucial for effective tabletop exercises. These scenarios should be based on a thorough risk assessment, reflecting the most pressing cyber threats to the banking and finance sector.

For instance, a scenario might involve a simulated attack on the bank's online transaction system, testing the institution’s ability to quickly identify and mitigate the breach while maintaining operational continuity. The key is to create scenarios that are specific enough to provide actionable insights while being broad enough to test a range of response strategies.

2. Regulatory Requirements: The exercise should consider the specific regulatory environment, customer expectations, and the technological infrastructure of financial institutions. This ensures these exercises are relevant, challenging, and effective in strengthening the cybersecurity posture of the sector.

3. Inspired by real-world threats: To maximise the impact of tabletop exercises, integrating real-world cyber threats specific to banking and finance is essential. This involves studying past cyber incidents within the sector and incorporating these insights into the exercise. Going through the  table below would be particularly helpful to achieve this goal. 

By simulating actual events, such as a recent phishing attack that targeted multiple banks, participants can gain a deeper understanding of the tactics used by cybercriminals and how to effectively counter them. The exercise can be enriched with questions such as - “What would you do if this happened to us?” 

This approach not only enhances the realism of the exercise but also ensures that the lessons learned are directly applicable to real-world scenarios.

4. Lessons Learned: The final step is the application of lessons learned from these attack simulations. This involves critically analysing the responses and outcomes of the exercise. By dissecting both successful and unsuccessful strategies, financial institutions can improve their cybersecurity plans and cyber incident response playbooks accordingly. This continuous learning and adaptation process is crucial for staying ahead of evolving cyber threats.

In the banking and financial sector, bespoke cyber tabletop exercises are indispensable for ensuring robust cybersecurity preparedness. The impact of cybersecurity incidents on organisations in this industry can be much greater than others. Therefore, tailored exercises are critical to ensure adequate engagement and a deeper understanding of the threats that loom large. 

Further, exercises that cater specifically to the unique vulnerabilities and operational frameworks of financial institutions bring out more meaningful responses from all participants. They’re encouraged to think critically and practise decision-making for real-life attacks. 

Back To the Top

New call-to-action

Recent Cyber Attacks on Banking and Finance Sector 

Analyzing past cyber attacks in the financial sector is crucial for effective cyber tabletop exercises. This retrospective view offers valuable insights into the patterns, tactics, and consequences of real-world cyber threats specific to this industry.

By delving into previous incidents, you can pinpoint common vulnerabilities and draw lessons from the failures and successes of others when it comes to incident response. This reflective approach facilitates the development of more authentic and demanding scenarios for tabletop exercises tailored to the industry. It also ensures that the exercise not only imparts theoretical knowledge but also practical applicability.

Back To the Top

Event Date Financial Institution Incident Threat Actor Impact Source
March 18, 2024 Nations Direct Mortgage Nations Direct Mortgage alerts 83,000 to personal data leaks from December cyber attack Unknown Nations Direct Mortgage said more than 83,000 customers were affected by a late 2023 data breach that leaked Social Security numbers and other sensitive information. Nations Direct Mortgage Data Breach
March 15, 2024 International Monetary Fund International Monetary Fund email accounts hacked in cyber attack Unknown The International Monetary Fund (IMF) disclosed a cyber incident after unknown attackers breached 11 IMF email accounts earlier this year. The investigation determined that eleven (11) IMF email accounts were compromised, but the IMF didn't provide other details regarding the breach. The organisation confirmed that it uses the Microsoft 365 cloud-based email platform. IMF Email Hack
March 08, 2024 Financial services firm Paysign Paysign investigating reports of consumer information data breach A cybercriminal forum user with the name "emo" Paysign said it is investigating reports of a data breach involving consumer information after hackers tried to sell a database allegedly belonging to the company containing millions of records as on March 06, 2024. A cybercriminal forum user with the name "emo," claimed to have stolen 1,242,575 records containing the full names of customers, addresses, dates of birth, phone numbers and account balances. Alleged Data Breach at Paysign
February 13, 2024 Prudential Financial Prudential Financial breached in data theft cyber attack ALPHV Ransomware Prudential Financial disclosed that its network was breached, with the attackers stealing employee and contractor data before being blocked from compromised systems one day later. Prudential said that the cybercrime group accessed Company administrative and user data from certain information technology systems and a small percentage of Company user accounts associated with employees and contractors. Prudential Financial Data Theft
February 12, 2024 Bank of America Bank of America warns customers of data breach after vendor hack LockBit Ransomware Bank of America warned customers of a data breach exposing their personal information after Infosys McCamish Systems (IMS), one of its service providers, was hacked last year. Customers’ personally identifiable information (PII) was exposed in the security breach including the affected individuals' financial information, account and credit card numbers. Bank Of America Data Breach
January 29, 2024 California-based insurance brokerage and consulting firm Keenan Keenan warns 1.5 million people of data breach after summer cyber attack Unknown Keenan & Associates has sent notices of a data breach to 1.5 million customers, warning that hackers accessed their personal information in a recent cyber attack.  Keenan & Associates Data Breach
January 22, 2024 Fintech firm EquiLend Global fintech firm EquiLend offline after recent cyber attack LockBit ransomware representative, LockBitSupp A global financial technology firm EquiLend said its operations were disrupted after some systems were taken offline in a cyber attack. Following the incident, the company also detected unauthorised access to its network and is now working to restore all affected services. EquiLend Cyber Attack
January 19, 2024 Financial Services Platform Payoneer Payoneer accounts in Argentina hacked in 2FA bypass attacks Sombraman1919-(BreachForums name) Numerous Payoneer users in Argentina reported waking up to finding that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. Payoneer 2FA Bypass Attacks
January 10, 2024 Fidelity National Financial Fidelity National Financial: Hackers stole data of 1.3 million people BlackCat Ransomware Fidelity National Financial (FNF) has confirmed that a November cyber attack has exposed the data of 1.3 million customers. Fidelity National Financial Data Breach
January 08, 2024 US mortgage lender loanDepot US mortgage lender loanDepot confirms ransomware attack Unknown Mortgage lender loanDepot said that approximately 16.6 million people had their personal information stolen in a ransomware attack. The attack caused the company to take IT systems offline, preventing online payments against loans. loanDepot Ransomware Attack
January 02, 2024 Blockchain platform Orbit Chain Orbit Chain loses $86 million in fintech hack Sophisticated state-sponsored attackers believed to be based out of North Korea Orbit Chain has experienced a security breach that has resulted in a loss of $86 million in cryptocurrency, particularly Ether, Dai, Tether, and USD Coin as Orbit Chain's balance went from $115M to $29M instantly, meaning that the losses are estimated to be about $86,000,000. Orbit Chain Hack
December 28, 2023 Risk and financial advisory company Kroll Kroll reveals FTX customer information exposed in August data breach Unknown Kroll released additional details regarding the August data breach, which exposed the personal information of FTX bankruptcy claimants as Kroll said the exposed data included coin holdings and balances, which would allow threat actors to pinpoint attractive targets who invest heavily in the cryptocurrency markets. Kroll Data Breach
December 26, 2023 Fidelity National Financial subsidiary LoanCare Fidelity National Financial subsidiary says 1.3 million affected by November cyber attack ALPHV/BlackCat Ransomware LoanCare, a subsidiary of title insurance giant Fidelity National Financial reported a data breach to state regulators. It said that 1,316,938 people had information accessed by hackers who breached the parent company on or about November 19, 2023.  LoanCare Data Breach
December 21, 2023 First American Insurance First American becomes latest real estate industry giant to be hit by a cyber attack Unknown Insurance company First American confirmed that it is dealing with a cyber attack that forced it to shut down certain systems. First American Cyber Attack
December 15, 2023 Mortgage company Mr. Cooper October cyber attack leaked data of 14.7 million people, mortgage giant Mr. Cooper says Unknown According to the latest update, mortgage loan servicer Mr. Cooper said the information of nearly 14.7 million people was leaked during a cyber attack in October 2023. Mr. Cooper Data Breach
December 12, 2023 Russian Federal Taxation Service (FNS) Ukraine’s intelligence claims cyber attack on Russia’s state tax service Ukraine's security services (SBU) Ukraine's defence intelligence directorate (GUR) said it infected thousands of servers belonging to Russia's state tax service with malware, and destroyed databases and backups. During the operation, Ukraine's military spies said they managed to break into one of the "key well-protected central servers" of Russia's federal tax service (FNS) as well as more than 2,300 regional servers throughout Russia and occupied Crimea.  Russian Federal Taxation Service Cyber Attack
December 11, 2023 Central Bank of Lesotho Central Bank of Lesotho faces outages after cyber attack Unknown The central bank of the southern African country Lesotho faced severe outages due to a cyber attack that forced it to shut down its systems. Central Bank of Lesotho
December 03, 2023 Tipalti Accounting Software Technology company, Tipalti, investigates claims of data stolen in ransomware attack ALPHV/BlackCat Ransomware The threat actors claimed to have stolen 265 GB of data, including data for Twitch and Roblox, which they said they will extort separately. Tipalti Ransomware Attack
November 10, 2023 The Industrial and Commercial Bank of China's (ICBC) China's biggest lender ICBC hit by ransomware attack LockBit Ransomware (Apparently) The Industrial and Commercial Bank of China's (ICBC) U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Thursday, the latest in a string of victims ransom-demanding hackers have claimed in the year. ICBC Ransomware Attack
November 06, 2023 EFU Life Assurance INC RANSOM hits Pakistani insurance company EFU Life Assurance INC RANSOM (A ransomware group) Hackers apparently stole files belong to EFU Life Assurance. EFU Life Assurance ransomware attack
October 21, 2023 American Family Insurance American Family Insurance confirms cyber attack is behind IT outages Unknown
Insurance giant American Family Insurance has confirmed it suffered a cyber-attack and shut down portions of its IT systems after customers reported website outages all week.
American Family Insurance Cyber Attack
September 27, 2023 ChildFund NZ ChildFund NZ discloses third-party breach Unknown ChildFund does not say when it may have stopped working Pareto, but Pareto suffered a cyber attack in April of this year that resulted in personal information of ChildFund NZ donors being accessed by an unknown party. ChildFund NZ is one of 70 charities impacted by the Pareto breach. ChildFund Data Breach
September 27, 2023 Philippine Health Insurance Corporation (PhilHealth) Philippines state health org struggling to recover from ransomware attack Medusa Ransomware Gang The ransomware incident forced Philippine Health Insurance Corporation to take several websites and portals offline as the ransomware gang gave PhilHealth 10 days to pay several different ransoms, including $100,000 to extend the ransomware’s deadline and $300,000 to either delete all the stolen data or download it. PhilHealth Ransomware Attack
September 25, 2023 Hong Kong crypto business Mixin Hong Kong crypto business Mixin says hackers stole $200 million in assets Allegedly North Korean government’s APT38 hacking group — known by many researchers as Lazarus or TraderTraitor A cryptocurrency business based in Hong Kong announced that hackers had stolen around $200 million of its assets after attacking its cloud service provider. Mixin Hack
September 18, 2023 Kuwait government’s Finance Ministry
Kuwait isolates some government systems following attack on its Finance Ministry
Rhysida ransomware gang The government of Kuwait suffered a ransomware attack that affected its Ministry of Finance. Government officials immediately tried to separate and shut off affected systems. Kuwait Ministry of Finance Ransomware Attack
September 13, 2023 CoinEx CoinEx confirms hack after $31 million in cryptocurrency allegedly stolen from exchange North Korea’s Lazarus hacking group (Apparently) Cryptocurrency exchange CoinEx confirmed that a hacker stole millions of dollars worth of cryptocurrency in an attack. While the company claims the amount of losses is still being determined, blockchain data collected by several cryptocurrency security firms shows that about $31 million worth of coins was allegedly stolen from the platform. CoinEx Hack
September 04, 2023 Germany’s Federal Financial Supervisory Authority (BaFin) German financial regulator's website hit by DDoS attack Unknown
Due to the impact of the DDoS attack, the website of Germany’s Federal Financial Supervisory Authority (BaFin) was only partially accessible for two days.
BaFin DDoS Attack
August 14, 2023 United Bank, Parkersburg United Bank announces breach involving Camden Clark data Clop Ransomware (MOVEit Breach) The impacted electronic records are related to payments made by check or money order to Camden Clark between approximately December 2022 and May 2023. United Bank Parkersburg Breach
August 07, 2023 American National Insurance Company American National Insurance Company Experiences Data Breach Affecting Consumers’ Social Security Numbers Clop Ransomware (MOVEit Breach) In a notice, ANICO explains that the incident resulted in an unauthorised party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, addresses, financial account information and medical information. American National Insurance Company Data Breach
August 07, 2023 The Hartford Life and Accident Insurance Company The Hartford Life and Accident Insurance Company Files Notice of Data Breach Impacting Thousands Unknown In a notice, the company explained that the incident resulted in an unauthorised party being able to access consumers’ sensitive information, including their names and Social Security numbers. The Hartford Data Breach
August 07, 2023 Bank OZK Bank OZK Announces Third-Party Data Breach Stemming from Vendor’s Use of MOVEit Clop Ransomware (MOVEit Breach) Bank OZK said that the incident resulted in an unauthorised party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, transaction activity, dates of birth and Trust and Wealth account numbers. Bank OZK Data Breach
August 03, 2023 Omaha Health Insurance Company (“OHIC”), a division of Mutual of Omaha Mutual of Omaha Rx reports data breach leaking confidential member information Unknown In this notice, OHIC explained that the incident resulted in an unauthorised party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, dates of birth, medical claims information, banking information, billing information and medical treatment information. Omaha Health Insurance Company Data Breach
August 03, 2023 Unum Group’s subsidiary Starmount Life Insurance Company, Inc. (”Starmount”) Unum Group Confirms MOVEit data breach leaked customer information, including SSNs Unknown  Unum explained that the incident resulted in an unauthorised party being able to access consumers’ sensitive information. Starmount Life Insurance Data Breach
July 20, 2023 Fidelity & Guaranty Life Insurance Company Fidelity & Guaranty Life Insurance Company notified by PBI of data breach related to MOVEit Clop Ransomware (MOVEit Breach) F&G said that the incident resulted in an unauthorised party being able to access consumers’ sensitive information, which includes their names and Social Security numbers. F&G Life Insurance Co Data Breach
July 17, 2023 Quorum Federal Credit Union Quorum Federal Credit Union announces data breach resulting from MOVEit vulnerability Clop Ransomware (MOVEit Breach) Quorum announced that the incident resulted in an unauthorised party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, financial account information and driver’s license numbers. Quorum Federal Credit Union Data Breach
July 14, 2023 PlainsCapital Bank PlainsCapital Bank announces data breach involving vendor’s use of MOVEit Clop Ransomware (MOVEit Breach) PlainsCapital Bank explained that the incident resulted in an unauthorised party being able to access customers’ sensitive information, which includes their Social Security numbers and bank account numbers. PlainsCapital Bank Data Breach
July 13, 2023 The Franklin Mutual Insurance Group The Franklin Mutual Insurance Group notifies victims of recent data breach following ransomware attack Unknown In this notice, FMI explained that the incident resulted in an unauthorised party being able to access consumers’ sensitive information. Franklin Mutual Insurance Group Data Breach
July 10, 2023 Rockland Trust Bank Rockland Trust Bank informs 14,806 of data breach involving vendor’s use of MOVEit software Clop Ransomware (MOVEit Breach) Rockland Trust said that the incident resulted in an unauthorised party being able to access consumers’ sensitive information, which includes their names, addresses, account numbers, email addresses, bill payment amounts, and the payees’ names and addresses. Rockland Trust Bank Data Breach
July 05, 2023 NIH Federal Credit Union NIH Federal Credit Union notifies 14,706 members of data breach Unknown The NIHFCU investigation confirmed that the employee’s email account was accessed by the unauthorised party for a period of a few hours on April 11, 2023. It was later determined that some of the emails and attachments within the email account contained confidential consumer information. NIH Federal Credit Union Data Breach
June 30, 2023 City National Bank of Florida Over 36k Customers of City National Bank of Florida affected by MOVEit data breach Clop Ransomware (MOVEit Breach) The breach did not impact CNBF’s computer systems but the bank explained that the incident resulted in an unauthorised party being able to access consumers’ sensitive information. City National Bank of Florida Data Breach
May 01, 2023 Level Finance Crypto Level Finance crypto exchange hacked after two security audits Unknown Hackers exploited a Level Finance smart contract vulnerability. They managed to drain 214,000 LVL tokens from the decentralised exchange and swapped them for 3,345 BNB, worth approximately $1,100,000. Level Finance Crypto Hack
April 24, 2023 Mossad, National Insurance Institute of Israel Mossad, Israeli companies targeted in major cyber attack by Sudanese hacker group. A hacker group calling itself Anonymous Sudan The cyber attack forced various Israeli websites, including those of Mossad and the so-called National Insurance Institute, which is responsible for the social security of Israeli settlers, to go offline. Israeli Cos Attacked
April 24, 2023 KuCoin KuCoin's Twitter account was hacked to promote a crypto scam. Unknown The compromise allowed attackers to promote a fake giveaway scam that led to the theft of over $22.6K in cryptocurrency. KuCoin Crypto Scam
April 24, 2023 US Consumer Financial Protection Bureau The US Consumer Financial Protection Bureau suffers a breach affecting 256,000 consumer accounts. A former CFPB employee In this data breach, the personal information of around 256,000 consumer accounts was compromised. US Consumer Financial Protection Bureau Data Breach
April 20, 2023 Angel One Client data breach at Angel One; stock falls 2%. Unknown Client profile data (like name, email, mobile number) and client holding data may have been accessed. The company's stock price also dropped down by 2% apparently due to the incident. AngelOne Data Breach
April 20, 2023 ICICI Bank ICICI Bank refutes data breach allegation. Unknown Over 3.6 million ICICI Bank files comprising the bank's and its clients' information was allegedly leaked from a publicly accessible cloud storage bucket managed by DigitalOcean. The hackers allegedly stole bank statements, credit card numbers, KYCs, PAN card info., scanned passport copies, and also the resumes of current and prospective employees. But ICICI bank denies the breach saying they don’t own the URL captured by the hackers. ICICI Bank Alleged Data Breach
March 16, 2023 A Deutsche Bank subsidiary, Latitude Financial Services (Latitude) Latitude Financial data breach now impacts 14 million customers. Unknown Latitude confirmed it was impacted by a cyber attack on March 16, affecting 330,000 customers, but, after further investigating the incident, on March 27, 2023, Latitude revealed that the impact of the incident is much more significant, now believed to have affected 14 million customers or loan applicants from Australia and New Zealand. Latitude Financial Data Breach
March 12, 2023 Lending protocol Euler Finance Hackers steal $197 million in crypto in Euler Finance attack. Unknown The cryptocurrency theft involved multiple tokens, including $8.75 million worth of DAI, $18.5 million in WBTC, $33.85 million in USDC, and $135.8 million in stETH. Euler Finance Attack
March 10, 2023 Chile’s National Health Fund, Fonasa BlackCat confirms attack on Fonasa. BlackCat Ransomware A news source shared a stolen data file that includes a directory of files as well as some correspondence with the names, addresses, and city of Fonasa health beneficiaries, etc. Fonasa Ransomware Attack
March 07, 2023 Commonwealth Bank of Australia's Indonesian unit Commonwealth Bank of Australia's Indonesian arm hit by cyber attack Unknown The incident involved unauthorised access of a web-based software application used for project management, and the bank's Australian systems were segregated from PTBC systems. Cyber Attack on Indonesian Arm of Commonwealth Bank of Australia
March 06, 2023 HDFC Bank HDFC Bank denies data breach even as 7.5 GB of customer information is allegedly leaked for free on Hacker Forum. Threat actor using the title Kernelware on Breach Forums The threat actor posted 7.5 GB of stolen data belonging to HDFC Bank for download without any payment. HDFC Bank Alleged Data Breach
March 03, 2023 La Segunda Insurance LockBit published data stolen from La Segunda including judicial files, expert reports and medical data. LockBit Ransomware LockBit group encrypted the insurer's systems and exposed 52 GB of sensitive information from the Rosario insurance company La Segunda. La Segunda Insurance Ransomware Attack
March 02, 2023 Hatch Bank Hatch Bank discloses data breach after Cl0p ransomware attack on GoAnywhere MFT. Clop ransomware (Apparently) Hackers stole the personal information of almost 140,000 customers from the company's Fortra GoAnywhere MFT secure file-sharing platform. Hatch Bank Data Breach
March 01, 2023 Poland’s Tax Service Poland blames Russian hackers for a cyber attack on a tax service website. Pro-Russian hacker group NoName057(16) The cyber attack caused the website to crash for approximately one hour and blocked users’ access to the online tax filing system. Poland's Tax Service Cyber Attack
February 03, 2023 Nonstop Health Data and Source Code from Nonstop Health allegedly hacked Unknown Data and source code allegedly from Nonstop were leaked on two popular hacking-related forums. Personal information leaked online included names, date of birth, postal address with state and zip code, personal email address, and Social Security numbers.  Nonstop Health Data Breach
Janaury 25, 2023 Zacks Investment Research Zacks Investment Research data breach affects 820,000 clients Unknown Hackers breached Zacks Investment Research (Zacks) company and gained access to personal and sensitive information belonging to 820,000 customers. Zacks Investment Research Data Breach
January 20, 2023 Bank of Eastern Oregon Bank of Eastern Oregon files official notice of data breach Unknown The Bank of Eastern Oregon (“BEO”) filed notice of a data breach with the Attorney General of Montana after learning that employee email accounts containing confidential customer information were accessed by an unauthorised party. Based on the company’s official filing, the incident resulted in an unauthorised party gaining access to consumers’ sensitive information. Bank of Eastern Oregon Data Breach
January 9, 2023 Aflac Insurance, Zurich Insurance Group Aflac, Zurich policyholders in Japan affected by data leaks Unknown Personal information for more than 1.3 million Aflac cancer insurance policyholders and almost 760,000 Zurich Insurance auto insurance policyholders is on the dark web following a hack on a third-party contractor. Data Leak of Policyholders in Japan


Back to the Top


Get Email Updates on our Latest News

Simply enter you details in the form below to subscribe:

  • Or call us on:
  • +44 (0) 203 189 1422