St Giles hacked - no one safe
This email was sent to all those who have contact information with St Giles
"In the early hours of Thursday May 9, St.Giles website was redirecting selected traffic to an unsolicited external website. This was achieved by exploiting a vulnerability in the platform hosting our website allowing a third-party to gain unauthorised access."
"Upon discovering the attack, we commenced steps to secure the site and protect your personal information."
"St.Giles has not been contacted by any party claiming responsibility for or providing evidence of data relating to this incident."
Just because no one has laid claim does not mean the damage cant be done later. Gathering information for an attack at a future time when the incident has been forgotten is a attack methodology often used.
"St.Giles apologises that this incident has occurred, and we are working as hard as possible with the relevant authorities and organisations to ensure no harm comes from this unfortunate incident.
We have already implemented identified improvements to our processes."
So why were the improvements put off until an attack happened. There is always a variety of reasons and we understand the pressures of management by fire. However the fire of potential cyber attack is only growing brighter and it is important that everyone implement the protections to be as safe as possible.