This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

It's The Sun wot lost its data!

Share this article:
It's The Sun wot lost its data!
It's The Sun wot lost its data!

News International has suffered a fresh setback as it has been forced to contact readers regarding a potential data breach.

Chris Duncan, director of customer management at News Group Newspapers (NGN), publisher of The Sun and formerly of the News of the World, admitted that the attack on July 19th also caused some customer information from competitions and polls to be breached.

In that instance, the Sun homepage redirected to a page that claimed that News Corporation founder Rupert Murdoch had died. It has been alleged that Jake Davies, who police arrested last week and is believed to be LulzSec member ‘Topiary', had been responsible for that attack.

Duncan said that data that may have been breached could include names, addresses, dates of birth, email addresses and phone numbers, although no financial or password information was compromised.

He said: “We are working closely with the Police and the Information Commissioner's Office to ensure that all steps are taken to retrieve the files involved. We regret that we've not been able to stop this incident from happening.”

A statement appeared on Pastebin from someone calling themselves ‘Batteye' who said that various files obtained from The Sun will be presented.

He said: “We will continue by exposing the world for what it is; a less than perfect place where we cannot trust those who we ask to protect our information. We will continue, until the list has been exhausted, or until the world and man kind realises that we must change how we go on.”

Stewart Room, partner at legal firm Field Fisher Waterhouse, told SC Magazine that despite the details of the breach being sketchy, the preliminary lessons for businesses are already very clear.

He said: “First, if this loss is connected to the LulzSec redirection of The Sun homepage, then it's perilous for businesses to dismiss the ‘hacktivist' community as mere script kiddies. Quite simply, this community seems to be able to harness incredible power to cause significant business interruption.

“Secondly we are reminded that as a matter of law, a business can be held liable for personal data breaches which are the results of cyber attacks if they do not put in place adequate measures to prevent data loss.

“Thirdly and perhaps most importantly, this case reminds us that we do not properly understand the full dynamics of cyber threats. In other words, we are still feeling our way through a massively complex area.

“How the lawmakers will respond from here is anyone's guess, although we are witnessing a cycle of high profile arrests, which suggests that the law enforcement community is actively engaged.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

Google and Facebook offer free cyber-security tools

Google and Facebook offer free cyber-security tools

Google and Facebook have both launched free open-source cyber-security tools this week, designed to help security professionals spot malware and cyber-attacks.

Mixed results for key Government cyber-initiatives

Mixed results for key Government cyber-initiatives

The Government's Verify scheme to confirm IDs is behind scheuduled uptake, but its CISP threat intelligence sharing scheme is ahead of target.

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...