This week, one of SA’s largest hosting companies, Hetzner, was hacked, exposing hundreds of thousands of FTP passwords, domain names and bank account details, with the exception of credit card information. This has left SA organisations vulnerable to bad actors who could now control the Web sites of customers, says MyCyberCare’s Simon Campbell-Young.
“Hetzner notified clients on its Web site on Wednesday that earlier that day, it had become aware of unauthorised access to its konsoleH control panel database, and said it was crucial for customers to update all passwords associated with their Hetzner account at once, including konsoleH admin passwords.”
Hetzner confirmed that a SQL injection vulnerability was identified within konsoleH, which has been fixed, and that the company shut down access to konsoleH during the course of the day to facilitate investigations. Hetzner added that konsoleH administrator passwords have not been compromised, but as a precaution, said it had proactively updated all FTP passwords which were exposed.
In addition, Hetzner advised its customers that should they have provided konsoleH access details to any other parties, they should advise them to update their login details as soon as possible. Hetzner has appointed external forensic investigators, who are already on site, to investigate the breach.
“This is just one more major security incident that proves the maxim ‘it’s not a question of if, but when’. No business is completely safe from cyber attacks, and it makes sense to have insurance in place to protect the business should they fall victim. No one buys car insurance thinking they are going to have an accident, but I don’t know anyone who’s foolish enough to drive without it,” Campbell-Young says.
A cyber insurance policy is designed to help organisations mitigate risk exposure by offsetting costs associated with recovery after a security breach or event, he explains. “This would include the costs of any forensics investigation undertaken to find out what happened, how to repair the damage and how to prevent a similar incident from happening in the future.”
It would also cover business and financial losses incurred through network downtime, business interruption and data loss recovery. It would also cover crisis and reputation management costs involved in managing perception and repairing reputation damage.
Another important expense covered by cyber insurance, says Campbell-Young, is the expense of privacy and notification, including mandatory data breach notifications to any affected customers and other parties, which are required by law, as well as credit monitoring for customers whose information may have been exposed. “Finally, a good policy will cover legal expenses associated with the release of confidential information and intellectual property, settlements and any regulatory fines imposed.”
- Urgent call to review Fuel Pricing in SA | #Motoring | Diesel and Dust | Tumelo Maketekete | #Podcast | #ebizradio - January 27, 2022
- Follow your consumers and do it BIG! | #LTM | #Marketing | Kevin Britz | Craig Page-Lee | #Podcast | #ebizradio - January 27, 2022
- How to use emotional intelligence to improve your sales? | The Shift Show | #Sales | #GrowGetters | Shelley Walters | Clive Vanderwagen | The Sales Counsel | Ready People | #ebizradio | #Podcast - January 26, 2022
- Just Talk to People | #Entrepreneur | Word of Mouth | Lindi Tshabangu | Laura Ruthven| Female Entrepreneur SA Magazine | #Podcast | #ebizradio - January 24, 2022
- Can technology take the pain out of recruitment? | #OneEyedMan | Mike Stopforth | Francois de Wet | #ebizradio | #Podcast - January 24, 2022
- Why understanding UBOs is critical |#Insight | #ebizradio | Jason Shedden | Contactable - January 24, 2022
- Making news headlines this week | #News | Kuhle Tshabalala | #Podcast | #ebizradio - January 21, 2022
- Motoring News – Chery Tiggo 8 – Suzuki V-Storm DL-650 | #Motoring | Diesel and Dust | Tumelo Maketekete | #Podcast | #ebizradio - January 21, 2022
- The State We’re In 2022 – Six Trend Pillars for this year | #Trends | #Insight | Dion Chang | Flux Trends | #Podcast | #ebizradio - January 20, 2022
- Female Leadership – Success Factors and Barriers to Overcome | #Insight | #ChangeConversations | Mpume Ncube-Daka | Moloko Komane | #Podcast | #ebizradio - January 20, 2022