News
National Lottery data breach - comment from RelianceACSN
November 2016 by John Madelin, CEO at RelianceACSN
Following the news that the National Lottery has suffered a data breach, John Madelin, CEO of RelianceACSN, comments:
"There are some interesting features associated with the data breach suffered by the
National Lottery website. First, it was a vulnerability suffered through interaction
with third parties, a consistent weakness in today’s online partnerships. Another
common feature is the gap between the hackers getting in, and capitalizing on their
position. Usually the time between compromise and theft is wide enough to cause
serious cash loss, in this case it appears they didn’t take money or target
Camelot’s financials, yet.
This also highlights the fact that there are many motives that drive hackers beyond
direct financial gain and that a compromise is a first step to finding and stealing
valuable assets of many kinds, including data such as emails and passwords which in
the wrong hands are hugely valuable. In the National Lottery’s case it looks like
the cyber criminals were after personal data which they would be able to sell on the
black market at a later date, and first indications suggest that Camelot was able to
step in before serious damage was done. To avoid situations such as this,
organisations need to understand the hidden value of the data they hold and why
criminals might find it valuable - one man’s trash could be a cybercriminal’s
treasure."
