UK Cyber Attacks & Data Breaches - May 2023

The definitive UK cyber attacks and data breaches list

Breath a sigh of relief, only five reported cyber attacks and data breaches in the UK this month! Hey, hackers need to take a break too you know. And there were a LOT of bank holidays in May…….

The attack on ABB bears mentioning – an international manufacturing and automation giant for those not in the know – purely for who attacked them; the now infamous Black Basta ransomware group. Black Basta is a Ransomware as a Service (RaaS) group who practice double exploitation; that is they steal data to publish on the darkweb prior to encrypting, so even good backups won’t save you.

They use a fairly traditional initial attack vector, a spear phishing email with a link to download an encrypted zip. Once in, they will spread internally using RDP, network management tools, and malware executables.

Your best defence is to stop them gaining access to your network in the first place, so the classic pincer movement of good staff training and awareness on one flank and strong technical controls like file blocking or sandboxing on the other.

Once they are in, good detective and reactive controls will be critical. So some form of Extended Detection & Response (XDR) or Managed Detection & Response (MDR) will be critical in identifying the attack is taking place, and containing it before it becomes a critical incident.

Smaller businesses could do well to focus on the initial protective controls where you will see a better risk reduction for your cyber security spend if you cannot afford detective controls.

Good luck out there!

To find out how we collate this information, please follow this link.

Scroll down to see the full list of cyber attacks and data breaches.

Visit our cyber attacks and data breaches UK homepage for the full historical list.

Manufacturing

Cyber Attacks - Ransomware

15 May 2023

ABB is ‘hit by a ransomware cyber-attack’

Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting business operations.

Read full article

Government and Public Sector

Data Breaches

17 May 2023

Colchester Council investigating 'serious data breach' by contractor affecting details of residents' benefits

Colchester City Council is continuing an investigation in response to the unsafe storage of personal data after a "serious data breach" by one of their financial services contractors.

image for 2023 cyber attack on colchester

Read full article

Education

Cyber Attacks - Ransomware

21 May 2023

Dorchester school IT system held to ransom in cyber attack

A school has been left unable to use email or accept payments following a cyber attack.
Thomas Hardye School in Dorchester said its screens and systems had been locked since being targeted on Sunday.

image for 2023 cyber attack on dolchester school

Read full article

Health and Social Care

Data Breaches

27 May 2023

NHS data breach: trusts shared patient details with Facebook without consent

NHS trusts are sharing intimate details about patients’ medical conditions, appointments and treatments with Facebook without consent and despite promising never to do so.

Read full article

Transportation and Logistics

Cyber Attacks - Hacking Incident

28 May 2023

London airport's website 'taken down by hackers' as urgent investigation launched

A London airport was reportedly 'hacked' this morning (Sunday, May 28) as the website was disabled for a short period. London City Airport's website was hit with an error message as people were unable to access the site temporarily.