CyberInsights Weekly #20
Your weekly dose of learnings from cybersecurity news
I. An abundance of caution…
Clothing Brand 'The North Face' Hit By Credential Stuffing Attack, Suffers Data Breach
When faced with a credential stuffing attack, The North Face, notified their customers and shared best practices to them.
They were not obliged to do this under any privacy law. They did it out of “an abundance of caution.”
CISO Check:
Do you have a mechanism to detect and prevent credential stuffing attacks?
Does your cyber crisis management plan/ incident management plan cover proactive communication to affected users?
II. … and a lack of communication
This one has all the makings of a thriller.
A dark web monitoring company informs some leading companies about a breach. In a curious turn of events, the breached companies accuse the dark web monitoring company of ‘digital extortion’ and file an FIR.
Are the breached companies shooting the messenger? Is there something more than what meets the eye?
CISO Check:
Does your incident management plan include responding to/ working with intermediaries who claim to assist with attackers?
III. Quote of the week
Next to doing the right thing, the most important thing is to let people know you are doing the right thing. - John D. Rockefeller
Have an original interesting cybersecurity quote? Let us know in the comments and we will publish it along with your name in our quotes section.