Large infrastructure company suffers data breach

The large infrastructure management company Amey has recently been attacked with a sophisticated ransomware attack. Amey Plc is one of the largest British companies within the public and regulated sectors. They manage some of the UK’s critical infrastructure - services such as rail and power networks


According to Security Report, Amey became aware of this attack around December 15th or 16th and since then they have had confidential data leaked online. This data included contracts, financial documents like bank statements and loan records, confidential partnership agreements, NDAs, government correspondence, passports, driving licenses and other employee records alongside technical blueprints, like those of Manchester Metrolink railways. This is quite a severe breach and we are expecting to hear more about it as investigations continue.


An Amey spokesperson has been quoted as saying “Amey has comprehensive tracking software and virus mitigation strategies meaning the incident was caught early. We have been working with world-leading cyber-security experts throughout this incident and continue to work with clients to keep any disruption to a minimum,”

Although specific details on how this attack was propagated are not yet known, it is well documented that most ransomware attacks utilise phishing as their initial entry point, so this seems like the most likely explanation.


BOLSTERING YOUR CYBER DEFENCES

Incidents of this nature shine a light on the fact that even with sophisticated tools and technologies in place to prevent such attacks, employee education is imperative when building a security environment capable of dealing with the sort of attacks that are happening every day now.


HOW WE CAN HELP

We at GB3 believe that the regular education of all staff in Cyber and Information Security is a vitally important tool when it comes to protecting your business. That’s why we offer a Cyber Security & Compliance Platform as a fully managed service that includes, engaging and test based eLearning, Policy deployment, simulated phishing attacks and even incident management. Our eLearning curriculum is designed to provide your staff with monthly essential information security and data protection training, covering subjects such as Phishing, Ransomware, GDPR and much more.


Contact us today for a tailored demonstration and find out about our proven delivery model for getting you up and running.

170 views0 comments

Our Office

Birch House
The Oaks Business Park

Longridge Road
Preston

Lancashire

PR2 5BQ

contactus@gb3.co.uk

01772 851110

Part of the EG Group

Registered Office:

Waterside Head Office

Haslingden Road

Blackburn

Lancashire

BB1 2FA

  • Instagram
  • LinkedIn
  • Twitter

Want to know more about how we can help your business?

Please fill out the form below and a member of our team will get in touch shortly.

Our Policies

Our Company

GB3 Limited is a company incorporated in England and Wales.

Registration number 05147753

© 2021 - GB3 Limited