We’re not even a month into 2019 and already the threat of a possible major cyber security breach has made the headlines. On New Year’s Eve, it was reported that a hacker group known as ‘The Dark Overlord’ threatened on Twitter to leak 18,000 sensitive files relating to the 9/11 terror attacks. It is believed these contain legal information related to insurers of the World Trade Center.
The hacker group said that they would leak the classified information containing 9/11 ‘truth’ unless they are paid a ransom in bitcoin. The insurers believed to be threatened include Hiscox and Lloyds of London, while law firm Blackwell Sanders Peper Martin (now Husch Blackwell) have also allegedly been targeted.
Hiscox acknowledged the online coverage relating to Twitter posts about the 9/11 security incident, mentioning its company and others.
However, Hiscox allayed fears by releasing this statement, saying: “The online posts related to an incident we reported in April 2018, when we were made aware that a US law firm that advised Hiscox, some of our commercial policyholders and other insurers, had experienced a data breach in which information was stolen.
“The law firm’s systems are not connected to Hiscox’s IT infrastructure and Hiscox’s own systems were unaffected by this incident. One of the cases the law firm handled for Hiscox and other insurers related to subrogation litigation arising from the events of 9/11, and we believe that information relating to this was stolen during that breach.
“Once Hiscox was made aware of the law firm’s data breach, it took action and informed policyholders as required. We will continue to work with law enforcement in both the UK and US on this matter.”
Both Lloyds of London and Husch Blackwell also denied that they had been hacked. However, a Husch Blackwell spokesperson told Insurance Age that a predecessor firm to Husch Blackwell had documents accessed that were then made public.
It’s not clear if there’ll be more to this particular hacking incident in the coming days or whether this will simply fizzle out into nothing, considering the fact that all of the companies that had been allegedly targeted deny being hacked.
But what’s clear is that no one is immune to a cyber-attack from very small businesses right through to the likes of British Airways, which experienced a data breach last year where 380,000 sets of payment details were stolen.
In the years to come, experts claim that hackers will become bolder, more commercial and less traceable. It’s difficult to catch hackers as they don’t have to be sitting next to you in order to access your company’s details. They can be thousands of miles away in a country where regulation is not as strict and politicians look the other way (or even support them).
The only thing left therefore, is to do everything in your power to ensure that you protect your business, it’s data and the client’s data.
At SchemeServe, we have a fully-controlled staff-level security function. This means that data is only accessed by those who’ve been enabled, while military-grade encryption and multi-level authentication features provide access security that goes above and beyond industry standards.
Can you be certain that your company’s data is protected? If not, it’s not too late to ensure that your security is made a top priority in your New Year’s resolution list.