Scottish Football Association Data Breach

Following the news about Scottish Football Association data breach, Dr Jamie Graves, CEO at ZoneFox commented below.

Dr Jamie Graves, CEO at ZoneFox

jamie-graves“The Scottish Football Association (SFA) data breach is yet another example of the unintentional insider threat striking many businesses. The breach happened after a third-party email database was compromised – some of the details are lacking, but what is clear is that a backdoor was left open for criminals to exploit and obtain sensitive customer data. Fortunately, the SFA have reassured customers that bank and credit card details have not be shared.”

He adds, “Despite this, attacks like this often happen stealthily and wreak havoc rapidly – in this case with phishing emails sent to members past and present. It’s incredibly serious if this now leads to members sending away the £170 requested to these crooks. Social engineering tactics – like phishing – are increasingly common, the Federation of Small Businesses reported 86% of cyber attacks on their members was due to social engineering tactics over the last two years.

“This incident is another wake-up call to companies to become more alert to such breaches and realise that it could happen to anyone. This breach highlights the importance of educating all staff to secure their systems, spot an attempt to gain information from them, and to ensure that wherever they are storing this data is locked down tight.”