Fundamentals First

Fundamentals First

Share

Contact information, map and directions, contact form, opening hours, services, ratings, photos, videos and announcements from Fundamentals First, Information Technology Company, Leeds.

03/02/2021

Almost the entire population of Brazil is now at risk of what could be the largest ever breach in history.

On January 19, 2021, it was discovered that the private data of over 220 million Brazilian citizens was leaked. The source of the leak is currently unknown.

Unfortunately, this is not the first time Brazil has come under fire for a large data breach. A significant leak of COVID-19 patients’ details earlier in 2020, due to weak encoded credentials in the source code of the Brazilian Health Ministry website, exposed personal data for over six months. Medical records are one of the most sensitive categories of personal data, and the leak exposed both living and deceased Brazilians’ medical records to possible unauthorised access.

The latest breach contained detailed information on 40 million companies and 104 million vehicles. The breach is said to have leaked personal ID numbers (CPF), dates of birth, and full names of nearly all the Brazilian population. The data also included Brazilian company identification numbers (CNPJ), corporate name, trade name and date of foundation of companies. It also included chassis number, license plate, colour, make, model, year of manufacture, engine number, fuel type and ownership location of vehicles. In total, the leak poses a risk to over 220 million Brazilians, effects companies and government agencies.

To cyber criminals, the combination of personal data and vehicle data is a very valuable asset for resale on the dark web. The personal data is useful for profiling people for many types of fraud activity, and the vehicle data can be useful for vehicle cloning.

Claiming to be from outside of Brazil, the criminal is selling the data on forums in small batches of 1,000 records each, for approximately $100 of bitcoins per batch.

Unfortunate for Brazil, it is becoming more and more commonplace to read about large data breaches in the press. Back in 2019 it was reported that a criminal was attempting to auction an illegal database containing personal information of 92 million Brazilian citizens. Registered as X4Crow, the criminal was not only selling the data, but offering a search service to retrieve detailed information on Brazilian citizens. This is also at a time where IT managers in Brazil are reporting insufficient budgets for cybersecurity, raising concerns around the continual security of personal and operational data for Brazilian organisations.

In August 2018, Brazil passed a comprehensive data privacy law called the General Data Protection Law (the Lei Geral de Proteção de Dados Pessoais, LGPD). Since the enactment of the LGPD, businesses and organisations doing business in Brazil have been ramping up and preparing for the implementation of the law.

However, the implementation time frame of the LGPD was hampered as a result of the COVID-19 pandemic and organisations being ready. Regardless, continued large scale breaches demonstrate the need for increased enforcement and improvement in data security in Brazil.

https://fundamentalsfirst.co.uk/data-privacy/?utm_source=facebook.com&utm_medium=social&utm_campaign=BrazilBreach03022021

01/02/2021

A group of cyber criminals working under the title ‘EMOTET’ have had thousands of devices seized in one of the biggest coordinated attacks on cybercrime the world has seen.

EMOTET has been one of the most well organised and enduring cybercrime organisations in the world and have been selling malware to criminal organisations to carry out data theft and extortion through ransomware.

One of the more common methods used by EMOTET is to deploy the malware via email attachments. The user receives an email with a document attached. The user is then asked to enable macros within the document, and that is when the malicious code hidden within the file is executed.

This story serves to highlight two key points. The first is that cyber criminals are becoming more and more sophisticated and it is vital that you have the right protection in place to do everything you can to prevent, detect and respond to these threats.

The second point is that awareness and training within your teams is critical, so they recognise suspicious emails and know how to deal with them.

At Fundamentals First we have security solutions that will protect you at any time of the day, as well providing awareness training to ensure your teams are fully prepared.

https://fundamentalsfirst.co.uk/security-operations-centre/essential-soc/?utm_source=facebook.com&utm_medium=social&utm_campaign=EMOTET01022021

22/01/2021

Fundamentals First are delighted to announce that we have been awarded UK Government supplier status on the Digital Outcomes and Specialists 5 (DOS5) framework operated by the Crown Commercial Services.

The DOS5 framework is designed to help the public sector buy, design, build and deliver bespoke digital solutions and services.

Hamish Price, CEO Founder stated “We are proud to accept UK Government supplier status on the Crown Commercial Digital Outcomes and Specialists (DOS) framework. We continue to provide both public sector and private enterprise great services across the technology estate, from our IT Help Desk and virtualised Security Operations Centre, through to our digital application development and governance services.“

https://fundamentalsfirst.co.uk/?utm_source=facebook.com&utm_medium=social&utm_campaign=DOS5220121

Want your business to be the top-listed Computer & Electronics Service in Leeds?
Click here to claim your Sponsored Listing.

Telephone

Address

Leeds