Customers of supermarkets hit with cyberattacks advised to be on the alert to a spike in scams
Ralph Riddiough has advised customers of supermarkets hit with cyberattacks to be on the alert to a spike in scams.
The recent targeting of retailers including Marks and Spencer and Co-op has led to empty shelves across UK stores as the companies’ slowed deliveries and shut down parts of their IT systems in response to cyberattacks.
“Supermarkets are attractive targets as they process a high volume of financial transactions, they hold a lot of customer data, their supply chains are complex which means there are many points of entry for cyber criminals and generally the drive to ‘digital transformation’ has increased the exposure of large organisations to cyberattacks,” warned Riddiough.
“The data of customers of these supermarkets may have been stolen and I would advise them to be alert to a spike in scams. If a company has lost customer data, it must tell its customers without delay and report it to The Information Commissioner's Office (ICO).
The Co-op has warned that the hackers – understood to be a criminal group named 'DragonForce' – have accessed a 'significant' amount of data from 20 million past and current members. This data includes names and contact details, but not passwords or any financial information.
Marks & Spencer has also revealed that some personal customer data was stolen in the recent cyber-attack, which could include telephone numbers, home addresses and dates of birth.
Riddiough warned that the names and contact details of customers of these retailers may have been compromised in the cyberattack and they should be cautious with any unsolicited emails or phone calls in the coming weeks.
“If your data has been stolen and causes you financial damage or distress, you could make a claim for compensation from the organisation that lost it,” he said. “You can also take your concerns to the Information Commissioner's Office (ICO).”
And as for supermarkets and other organisations, Riddiough notes that cybersecurity has been an issue rising up board meeting agendas for several years, at a pace matched by the increases in insurance premiums for cyber insurance, reflecting an ever-increasing risk profile.
“We expect to see ransomware as a service gaining ground, as cybercriminals sell malware to unsuspecting businesses,” he said.
“Accordingly, we expect to see responsibility for cyber security moving out of IT departments and outsourced to trusted consultants.
“For companies seeking to ramp up their response, a good exercise is to work with a trusted consultant to review their risk profile, make the necessary changes, and then engage with an insurance broker to seek appropriate insurances.”
ENDS
For further information please contact on Ralph Riddiough on tel 0141 226 4942