In May 2020, the telecommunications company disclosed that it had suffered a cyber attack in which hackers compromised a cloud server located in its data center, before using it as a 'stepping stone' to attack another internal server and its Active Directory server. Attackers moved from those servers to compromise an information management server used to service the company's cloud and hosting customers. It is from this last server that attackers stole data on 621 of the company's customers.
The system administration department detected a log of an unauthorized remote operation within the company's Active Directory which prompted the initial investigation and alerted the company to the incident.
Want to discuss this case? We're offering a FREE 20 minute phone consultation to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.