Cancer Research UK targeted by Russian hackers
Cancer Research UK has been targeted by Russian hackers, according to reports appearing in national newspapers this weekend.
RiskIQ, a cybersecurity consultancy, said the group “tried to steal the card details of people in the UK who had brought items through the cancer charity’s online gift shop”.
According to the Daily Telegraph: “Cancer Research UK runs an online shop where customers can buy items including skin treatment lotions and bandanas for chemotherapy patients.
“The hackers planted malicious code into Cancer Research UK’s website, which was designed to siphon off the credit card information of people who made purchases through the site.”
A spokeswoman for the charity confirmed that CRUK shops had been hacked in June 2016, but said no credit card information had been stolen.
She also provided a statement from Nigel Armitt, chief financial officer at CRUK, which said: “We advised customers who might have been affected to contact their bank as a preventative measure, so they could be advised if any additional action needed to be taken.
“The online store services were immediately disabled to ensure the exposure was limited and a subsequent investigation conducted by a third-party firm confirmed that there were no supporters impacted by the event.
“The investigation of this incident and its containment was our highest priority.
“Our life-saving work is only possible thanks to public support. We take online data protection and cyber security extremely seriously.
“We reported the incident to the Information Commissioner’s Office, who were fully apprised of the situation and took no further action.”
CRUK was one of a number of UK-based companies and organisations targeted by the same group, which included British Airways and Ticketmaster.
The ICO has been contacted for a comment.
Source civilsociety
Industry: Cyber Security News
Latest Jobs
-
- Identity Channel Partner Manager | London
- London
- N/A
-
Identity Channel Partner Manager | London Location: South East UK (commutable to London) We are working with a Cyber Security business who are looking for a Channel Partner Manager to drive and grow relationships across their identity ecosystem. Prior experience working within VARs, distributors, vendors or resellers in the identity space is essential. You must have experience working with technologies such as CyberArk, Sailpoint, Okta etc Responsibilities will include, but not be limited to: Build, maintain and develop strong relationships with channel partners. Work closely with partner sales teams to support growth drive sales opportunities. Identify and onboard new partners while strengthening existing partnerships. Act as the key point of contact for all channel-related activity. If you are an experienced channel professional, with experience in the Identity space and are ready for your next challenge, apply today.
-
- Microsoft Security Operations Analyst | Bracknell | SC Clearable | SC-200
- Reading
- N/A
-
Senior SOC Analyst Level 2 / 3. Microsoft Security stack | SC Clearable Location: Hybrid remote | Berkshire SC-200 Senior SOC Analyst Level 2 / 3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting / triage, incident response etc with a strong focus on the Microsoft Security Stack. Key Responsibilities: Lead and resolve complex security incidents / escalations Conduct advanced threat hunting using the Microsoft Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills & Experience: The ability to achieve UK Security Clearance (SC) - existing clearance ideal. (Sorry no visa applications) Must have current experience working with a SOC environment Key experience must also include, but not be limited to Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL).