Connect with us

Hi, what are you looking for?

Tech & Science

BlackCat claim responsibility for Prudential cyberattack

Financial organizations responsible for safeguarding millions of customers’ sensitive data must prioritize cybersecurity.

Ransomware allegedly sold by a Venezuelan-French doctor would encrypt information on the computers that had been hacked, then the attackers would demand money to decrypt it
Image: - © AFP/File JEFF KOWALSKY
Image: - © AFP/File JEFF KOWALSKY

Following the disclosure of Prudential Financial’s data breach, there are associated concerns for the sector. Nick Tausek, Lead Security Automation Architect at Swimlane explains to Digital Journal the extent of lessons to be learnt.

The ransomware group known as BlackCat and Alphv said they were responsible for the recently disclosed cyberattacks impacting financial giants LoanDepot and Prudential Financial, Security Week reports.

The two companies were named on the BlackCat leak website on Friday, February 16, 2023. Based on the messages published by the hackers, both companies have refused to pay a ransom.

Tausek explains the background to the incident: “Prudential Financial, the leading global financial services Fortune 500 company, disclosed a cyberattack last week that resulted in the breach of employee and contractor data. The company provides insurance, retirement planning, and wealth and investment management services to over 50 million customers, and employs 40,000 individuals worldwide.”

Tausek acknowledges that information is somewhat limited in terms the detail: “Prudential has yet to disclose the scope of the breach or the number of customers and contractors affected. As with other early notifications, we can expect these numbers to be provided and potentially revised in the coming weeks, as the scope becomes apparent through investigation.”

In terms of the wider lessons for the industry, Tausek advises: “Financial organizations responsible for safeguarding millions of customers’ sensitive data must prioritize cybersecurity. While their security teams need various tools to protect complex technology environments, disjointed tools that lack cross-communication and cloud integration are straining team bandwidth and creating security gaps.”

The consequences of this are: “Cybercriminals are taking advantage of these gaps, leading to frequent and costly breaches. According to a recent report from Swimlane and Omdia, 42 percent of financial organizations have had at least one breach with a total cost of $1 million in the last 12 months, with 20 percent experiencing a breach with a total cost of more than $5 million.”

In terms of further advice of the financial sector, Tausek offers: “To prevent similar data breaches in the future, organizations should implement a multi-faceted platform to centralize detection, response, and investigation. Not only will automating this process provide complete visibility into the IT environment, allowing teams to assess the effectiveness of their SOC, but it will also eliminate the need for heaving coding, increasing efficiency.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

Radiolab focuses on investigative journalism into science, tech and even legal history. Continuing with over 200 episodes.

Business

The report details the output from AI systems used to identify critical trends shaping the future of AML and financial crime prevention.

Tech & Science

The Internet Archive, an online repository of web pages, was offline Thursday after its founder confirmed a major cyberattack.

World

The Nobel Peace Prize was awarded to the Japanese anti-nuclear group Nihon Hidankyo, atomic bomb survivors from Hiroshima and Nagasaki.