Telecoms company Sure says it recently fell victim to a 'phishing' attack that affected one of their employee's email accounts due to what the company described as "human error."
As a result of the attack, the data of fewer than 400 suppliers, employees and former employees across the three islands of Jersey, Guernsey and the Isle of Man was disclosed.
“The data was limited in nature and no existing customers’ data has been compromised," Tim Stonebridge, Chief Security Officer at Sure, said. "Contacting those affected has been our priority and we have now informed them and offered relevant advice, as well as making the Data Protection Authorities in each island aware of the attack.
“The loss of data was the result of human error and only affected one staff email account which our systems identified and subsequently shut down. The attack was contained and Sure’s systems were never compromised."
The attack was discovered on 15 July when Sure IT staff reviewed logs that reported unusual activity from seven, countries relating to a Sure staff email account.
"The alerts revealed that these log in attempts occurred during the early hours of Sunday 14 July," Sure said.
"Upon this discovery the suspect email account was immediately locked down and access credentials changed.”
Mr Stonebridge said that while the data that has been stolen cannot be used in isolation, they have advised those affected to be "extra vigilant."
“We’d like to apologise to all those who have been affected," he added. "Security is of paramount importance to Sure and our employees undergo regular cybersecurity training. We are constantly reviewing our training programmes and will use this example to inform future learning.”
Comments
Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.