Clarksons cyber attack originated via one single user account

Written by Nick Blenkey
image description

JULY 31, 2018 — Shipbroking giant Clarksons has disclosed that a November 2017 cyber security incident may have affected the security of certain personal information. Clarksons says that it is working to provide potentially affected individuals with information and access to resources so that they may take steps to best protect their personal information.

Clarksons says that, on November 7, 2017, it learned that it was the subject of a cyber security incident in which an unauthorized third party accessed certain Clarksons’ computer systems in the U.K., copied data, and demanded a ransom for its safe return.

As soon as the incident was discovered, Clarksons took steps to respond to and manage the incident, including launching an immediate investigation into the nature and scope of the event, notifying regulators, working with third party forensic investigators, and informing law enforcement.

Through the forensic investigation, Clarksons quickly learned that the unauthorized third party had gained access to its system from May 31, 2017 until November 4, 2017. Clarksons learned that the unauthorized access was gained via a single and isolated user account. On discovering this access, Clarksons immediately disabled this account.

Through the investigation and legal measures, Clarksons was then able to trace and recover the copy of the data illegally copied from its systems. Clarksons says that it has also been working diligently, in cooperation with law enforcement and forensic investigators, to determine what data may have been involved and that, “in an abundance of caution,” it is notifying potentially affected individuals.

“While the potentially affected personal information varies by individual,” says Clarksons, “this data may include a date of birth, contact information, criminal conviction information, ethnicity, medical information, religion, login information, signature, tax information, insurance information, informal reference, national insurance number, passport information, social security number, visa/travel information, CV / resume, driver’s license/vehicle identification information, seafarer information, bank account information, payment card information, financial information, address information and/or information concerning minors.”



Categories: Safety and Security Tags: , , ,

Leave a Reply