Lancaster University Phishing Attack

Lancaster University has revealed it has been subjected to a ‘sophisticated’ phishing attack resulting in attackers gaining access to student and applicant data including names, addresses, email addresses and more.  

https://twitter.com/soldopane/status/1153647747599347712

Experts Comments

July 29, 2019
Tim Erlin
VP of Product Management and Strategy
Tripwire
"Employee education is the first line of defense against phishing, but even trained security professionals can be fooled by a well-crafted attack. Organizations should put in place technical controls to prevent and detect successful attacks as well. It’s not enough to simply tell people not to click on dangerous links."
July 29, 2019
Felix Rosbach
Product Manager
comforte AG
“As a private individual, sometimes there’s no way to be sure that the services we use are protected by an adequate amount of security. Even if you don’t enter payment details, your ID, name, and address can be used to start fraudulent activities. Therefore organizations have to disclose a breach and inform users as soon as possible to preserve trust. A fast response is only possible when already having a sophisticated incident response strategy in place. While the chances of.....Read More
“As a private individual, sometimes there’s no way to be sure that the services we use are protected by an adequate amount of security. Even if you don’t enter payment details, your ID, name, and address can be used to start fraudulent activities. Therefore organizations have to disclose a breach and inform users as soon as possible to preserve trust. A fast response is only possible when already having a sophisticated incident response strategy in place. While the chances of being breached are higher than ever before, there is not much you can do about it. With an ever-growing attack surface, building just another wall around your network is not the best way forward. Especially when it comes to phishing attacks. In the end, the most important thing to do is to protect your customers’ data. With modern solutions such as FPE or tokenization, you can render PII (including names, addresses, and IDs) useless to hackers.”  Read Less
July 29, 2019
Ronan David
VP of Strategy and Business Development
EfficientIP
“Phishing attacks are one of the most popular DNS attacks. They often result in data theft, revealing sensitive information and paralyzing systems. Our 2019 Global DNS Threat Report reveals over half (55%) of higher education organisations have been vulnerable to phishing attacks.”
July 29, 2019
Tim Galligan
GM of EMEA
SailPoint
“The phishing attack on Lancaster University goes to show that nothing and no-one is completely safe from hackers. Phishing attacks have become increasingly sophisticated in the past few years, helping criminals to impersonate legitimate organisations with eerie accuracy and believable details. As a result, no organisation should be asking if they will be breached, but more likely, when. “The premise of phishing depends on accessing the right data to build a believable trap that.....Read More
“The phishing attack on Lancaster University goes to show that nothing and no-one is completely safe from hackers. Phishing attacks have become increasingly sophisticated in the past few years, helping criminals to impersonate legitimate organisations with eerie accuracy and believable details. As a result, no organisation should be asking if they will be breached, but more likely, when. “The premise of phishing depends on accessing the right data to build a believable trap that human users can fall into – therefore, it is more important than ever to ensure that the organisations we trust with that information are taking appropriate measures to protect it. People are the most vulnerable attack vector, which is why phishing attacks have remained so popular and have become even more sophisticated as everyone now relies on digital platforms for communication. IT teams can do a lot to prevent phishing attacks from reaching our inboxes – but everyone must think security first when providing our personal information. “It remains to be seen just how many students were impacted by this breach, however this event should remind us all that our personal information is our most valuable asset and we should secure and guard it carefully.”  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts