FISA

In our digital age, data is king. It drives businesses, informs decision-making, and plays an essential role in our everyday lives. However, with the convenience of technology comes the risk of data breaches and leaks. One often overlooked aspect of this risk is the role that lost and stolen computers play in compromising sensitive information. According to  Forrester Research’s 2023 State of Data Security  report, only 7% of security decision makers are concerned about a lost or stolen asset causing a breach, even though such incidents account for 17% of breaches. Such assets can include smartphones, tablets, laptops, external hard drives, and USB flash drives. While these types of breaches may not command the same attention-grabbing headlines as major cyberattacks, the theft or loss of laptops, desktops, and flash drives poses a very real problem. It underscores the pressing need for endpoint resilience and recovery. The Rising Threat Lost and stolen computers are a growing concern f

  Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "highly sophisticated" SIM swapping attack. The incident, which took place on August 19, 2023, targeted the employee's T-Mobile account, the company said. "Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee's phone number to the threat actor's phone at their request," it  said  in an advisory. This enabled the unidentified actor to gain access to certain files containing personal information of bankruptcy claimants in the matters of BlockFi, FTX, and Genesis. SIM swapping (aka SIM splitting or simjacking), while generally a benign process, could be exploited by threat actors to fraudulently activate a SIM card under their control with a victim's phone number. This makes it possible to intercept SMS messages and voice calls and receive MFA-related messages that control ac