Angling Direct, one of the largest fishing tackle specialists, has announced that it is currently managing a cyber security incident. Links on their website were replaced with links to adult content, and the company’s Facebook and Twitter accounts were compromised by the hackers. Given that both the website and the social media pages were compromised, it seems likely that the hackers have gained access to admin passwords, or possibly just a single password if the company was reusing it across multiple websites.
At this early stage, we do not know whether customer data has been compromised, or whether a ransomware attack has been conducted. However, the hackers have pinned a tweet on the hacked Twitter account saying “We will return the information and access to you. Otherwise we will automatically remove from our system in 31 days”, which implies that the company may have been the victim of a ransomware attack. Either way, the hack will cost Angling Direct a lot of money as they have been unable to take or fulfil orders. The company’s hacked Twitter profile also tells readers to contact firstname.lastname@example.org, implying that the hackers have control of email accounts. That access could easily have already been used to target fishing tackle manufacturers or customers: any emails would appear to come from genuine Angling Direct accounts, so recipients would be more likely to open malicious links or attachments.
“This unauthorised activity shut down the company’s websites and these remain inactive,” Angling Direct said.
Some of Angling Direct’s social media accounts have also been compromised.
“Work continues round the clock to bring the websites back online,” the retailer said.
“As a precaution, the company has notified the relevant regulators and law enforcement agencies, including the Information Commissioner’s Office in the UK.
“We are mindful of our obligations regarding data; it is too soon yet to make any determination around the impact this incident has had on personal data, but we will inform any individuals in line with our regulatory obligations should there be a need to do so.
“Importantly, the company does not hold any customer financial data as our website transactions are handled by third parties.”
Angling Direct said that “as matters currently stand”, it is not expected that there will be a detrimental impact on underlying trading and it will “continue to assess any cost exposure that this incident may create”.
The key message here is that although Angling Direct were the victim, this could happen to anyone. Smaller companies often have difficulty finding the budget to invest in cyber security controls beyond the standard anti-virus software and firewalls. Even if a company does choose to invest more in its security, there are so many options, and no easy way to know how best to spend the money to make the business secure. So what do you do? How do you defend yourself against cyber attacks?