We have been discussing about the WannaCry virus and how it took nearly 300,000 computers hostage in the recent months. The havoc it caused was massive. When you thought it was all over, new hackers who call themselves RavenCrew, breached and stole the customer data of a Sydney tech startup called Qnect.
The hackers have held the data for ransom and have reportedly threatened the company to pay a ransom in Bitcoin; else they would publish the data online, which includes customer email addresses and credit card information.
Qnect offers an app-based online ticket-selling solution which is used by multiple users across the globe, mostly societies and groups. The company is now looking for damage control after its customer received a text message from the hackers informing them of the breach and asking them to convince the company to pay the ransom to avoid the data leak online.
However, Troy Hunt, who is a well-known cyber security researcher, termed the threat of releasing credit card details as a low-impact exposure.
He said, “Personal details are a different class of data that has a different impact. Credit cards are recyclable, personal details aren’t.”
“It’s the sort of thing that sounds like it was done on the cheap. Someone was trying to do something in a user-friendly way without giving consideration to the way it could be abused.
“Hopefully the attack will prevent a much worse impact in the future.”
According to Daniel Liang, co-founder and CEO of Qnect, it was a malware attack that led to the data breach.
He said, “Qnect experienced a malware attack via an employee’s computer affecting a portion of the community similar to the global Wannacry attack last month. Thankfully the financial data of our community was not exposed. This attack does expose the difficulty of SMEs as they combat growing cyber attacks.”
“We welcome the Government’s move to help SMEs with good education and practices for cyber security as well as its new grant in this area,” he said in response to the government’s decision of sanctioning funds worth $15 million to combat cyber crime.
We all know how rapidly the mobile app industry is growing. Almost every one of us uses mobile devices which has become a major focus area for businesses. Customers want portability and convenience and companies are introducing mobile apps to solve this problem. But there is a catch.
This leaves a caveat for hackers to exploit app vulnerabilities which can result in data breaches, cyber attacks and privacy issues for the customers as well as for the companies. As we read about the cybercrime committed by the RavenCrew hackers earlier, as a company if your customer data is stolen, it can dearly hurt your company’s reputation.
So, how do you ensure your data is secure? How to protect your financial information and customer database?
As the Quixxi founder, Giuseppe Porcelli, says:
“Personal information is like money nowadays. Quixxi helps to protect mobile apps from being hacked, but also it works like a shell protecting all it is inside the same application, private data included”
Every business needs to improve its security policy and start integrating procedures into the company workflow. This episode shows how businesses are vulnerable to cyber attacks and unprepared to face them.
It is time to consider cybersecurity in the business policy. Quixxi can help on multiple angles to reinforce security and implement application performances.