A recent cyberattack targeting leading telematics provider Microlise has temporarily disrupted critical systems for British prison transport. The company acknowledged that the attack may have led to the exposure of some employee data but confirmed that no customer data was compromised.Â
The incident raised concerns about the security of prisoner transportation, as tracking systems and panic alarms were temporarily disabled. Among the U.K.-based company’s clients is the major contractor for the British Ministry of Justice, Serco, which is responsible for prisoner escort services.
While there's no evidence that the attackers targeted Microlise specifically, the breach emphasizes the importance of robust cybersecurity measures for businesses within critical supply chains.
Microlise first disclosed the cyberattack to the London Stock Exchange on October 31, and a while later, Serco staff were notified that tracking, panic alarms, and navigation systems on prisoner escort vans were temporarily disabled due to this data breach.
While there's no evidence that the attackers targeted Microlise specifically, the breach emphasizes the importance of robust cybersecurity measures for businesses within critical supply chains. Â
Authorities have assured the public that the attack has not impacted operational services, and The company is working diligently to restore services and has notified affected individuals.Â
The incident highlights the vulnerability of supply chains and the potential consequences of cyberattacks on critical infrastructure.Â
The U.K. government is taking steps to address supply chain security risks, including promoting the Cyber Essentials scheme and introducing the Cyber Security and Resilience Bill. This legislation aims to enhance the country's cybersecurity regulations and protect essential services from cyber threats.
In other news, Archive.org and OpenLibrary.org crumbled under a massive data breach coupled with a separate series of DDoS attacks, leaking over 31 million users’ sensitive details, including email addresses and hashed passwords, as a threat actor believed the websites belonged to the U.S. government.