Eight UK cyber attacks and data breaches

UK Cyber Attack & Data Breach List

December 2022

Cyber System Lock Cover Image

Eight UK cyber attacks and data breaches

Eight UK cyber attacks and data breaches were reported in December, marking the close to a year of significant breaches.

The most significant incident occurred at LastPass, the private equity owned password manager.  Having suffered an initial breach in August 2022, LastPass announced that customer data had been breached in a related incident in early December. 

Towards the end of December it was revealed that this data included customer password vaults.  Due to the architecture of LastPass this in itself does not represent a direct breach of customer passwords, as the passwords in the vault are encrypted using a key derived from a user’s master password. 

LastPass have since released a press release to assure users their passwords are secure.

Having said this however we still strongly advise the laborious task of changing all passwords currently stored in LastPass.  The simple truth is that password vaults are now in the hand of potential attackers, who will currently be trying to crack master passwords with all their might.  If your master password is easily guessable, which memorable human generated passwords can be, then there is a risk that your vault could be breached.

If you would like to know more about how we collate this information, please follow this link.

Scroll down to see the list.

Health and Social Care

Cyber Attacks - Hacking Incident

01 Dec 2022

Cyber attack hits North East London Foundation Trust finance systems

An East London health trust believes there is “no evidence” that its patients’ data was stolen during a cyber attack - but its finance systems were affected.

image for 2022 cyber attack on North east London foundation Trust
Read full article

Technology, Communication and Media

Cyber Attacks - Hacking Incident

01 Dec 2022

Intruders gain access to user data in LastPass incident

Intruders broke into a third-party cloud storage service LastPass shares with affiliate company GoTo and gained access to "certain elements" of customers' information, the pair have confirmed.

image for 2022 data breaches on lasspass
Read full article

Education

Data Breaches

12 Dec 2022

Devon schools investigation over personal data breach

A Devon school trust has launched an internal investigation amid claims that personal and private information about teachers, including addresses and health information, was allegedly exposed to students. Dartmoor Multi Academy Trust (DMAT) has confirmed a data breach occurred last week but has not stated precisely what information was shared and with who.

image for 2022 data breaches on Dartmoor Multi Academy Trust
Read full article

Technology, Communication and Media

Cyber Attacks - Ransomware

21 Dec 2022

Guardian hit by serious IT incident believed to be ransomware attack

"The Guardian has been hit by a serious IT incident, which is believed to be a ransomware attack.

The incident began late on Tuesday night and has affected parts of the company’s technology infrastructure, with staff told to work from home."

image for 2022 cyber attack on The guardian
Read full article

Education

Cyber Attacks - Hacking Incident

23 Dec 2022

One of Bradford’s biggest school trusts has been hit by a cyber-attack.

"Dixons Academies Trust runs 10 schools in the district and others elsewhere.

Cyber specialists have launched an investigation into the attack and urged the trust to take extra precautions.

Parents may be unable to use the schools’ phone lines temporarily, the school said.

In a letter to parents, chief executive Luke Sparkes said: “We want to make you aware that Dixons has been subject to a cyber incident which has caused some disruption across our trust."

image for 2022 cyber attack on Dixons Academies Trust
Read full article

Government and Public Sector

Cyber Attacks - Hacking Incident

26 Dec 2022

Education Secretary's Twitter account hacked in embarrassing Christmas attack

The Education Secretary has been hacked as her Twitter account has made a number of bizarre changes, beginning from around 7.30pm on Christmas Day. The profile photo on the account, formerly an image of Gillian Keegan herself, has been changed to a snap of Elon Musk, the new CEO of Twitter.

image for 2022 cyber attack on Education Secretary Gillian Keegan
Read full article

Technology, Communication and Media

Cyber Attacks - Hacking Incident

27 Dec 2022

Piers Morgan’s Twitter disappears after account ‘hacked’ with tweets about the late Queen

"Piers Morgan’s Twitter account has disappeared, amid reports that it had been hacked.

The former Good Morning Britain star, who has 8.3 million followers, usually tweets on an almost hourly basis, sharing his thoughts on everything from world politics to Meghan Markle."

image for 2022 cyber attack on piers morgan
Read full article

Retail and Wholesale Trade

Cyber Attacks - Hacking Incident

28 Dec 2022

HACK ATTACK Arnold Clark hit by Christmas Eve ‘cyber attack’ leaving staff unable to access systems

"CAR dealership Arnold Clark was targeted by hackers in a devastating Christmas Eve cyber attack.

The auto giants’ computer system was wiped meaning bosses feared they may have lost thousands of customer details."

image for 2022 cyber attack on arnold clark
Read full article

Published on

Bob Nicolson | Head of Consultancy

bob.nicolson@nicolsonbray.com