The biggest lesson emerging from the recent recall of 3.2 million debit cards by various Indian banks is that most of the systems that the government and the country’s financial sector put in place to deal with a major cyber attack failed to detect the data breach that necessitated this recall.
As banks scramble to put together a root cause analysis of the events that led to the malware (malicious software) attack that led to one of the biggest security breaches in banks in India in September and October, there is a realisation that institutions failed to share information with each other, leading to cascading failures that permitted the breach to continue undetected for a while.
2. Data breach at Weebly affects 43 million users. From Graham Cluely.
A data breach at free website builder Weebly has compromised the personal information of over 43 million users.
News of the breach arrived on 20 October when LeakedSource.com published a database of 43,430,316 Weebly users’ information on its website. Those records contain a username, email address, password, and IP address.
Little information is known about how those responsible for the breach exfiltrated all of that data, but we do know that the breach occurred at the web-hosting service in February 2016 and that an anonymous source provided LeakedSource with the database.