MobileRead Forums
Register Guidelines E-Books Today's Posts Search

Go Back   MobileRead Forums > E-Book General > News
Reload this Page Macmillan Publishing Security Incident

Notices

Reply
 
Thread Tools Search this Thread
Old 06-30-2022, 01:54 AM   #1
CRussel
(he/him/his)
CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.CRussel ought to be getting tired of karma fortunes by now.
 
CRussel's Avatar
 
Posts: 12,161
Karma: 79742714
Join Date: Jul 2010
Location: Sunshine Coast, BC
Device: Oasis (Gen3),Paperwhite (Gen10), Voyage, Paperwhite(orig), Fire HD 8
Macmillan Publishing Security Incident
Macmillan Publishing has had its IT systems compromised ("the encryption of certain files") and has been down for a couple of days, at least. Most stories are behind a paywall but I found this one on a UK site, The Bookseller.
CRussel is offline   Reply With Quote
Old 06-30-2022, 02:18 AM   #2
Sarmat89
Evangelist
Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.Sarmat89 ought to be getting tired of karma fortunes by now.
 
Posts: 482
Karma: 2267928
Join Date: Nov 2015
Device: none
Serves them right. The only scenario the "encryption of certain files" is happening is when a company is too stingy to contract qualified service personel, or allows some higher-up staff to bypass security policies established by the IT department.
Sarmat89 is offline   Reply With Quote
Old 06-30-2022, 03:03 AM   #3
DNSB
Bibliophagist
DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.
 
DNSB's Avatar
 
Posts: 35,464
Karma: 145525534
Join Date: Jul 2010
Location: Vancouver
Device: Kobo Sage, Forma, Clara HD, Lenovo M8 FHD, Paperwhite 4, Tolino epos
Quote:
Originally Posted by Sarmat89 View Post
Serves them right. The only scenario the "encryption of certain files" is happening is when a company is too stingy to contract qualified service personel, or allows some higher-up staff to bypass security policies established by the IT department.
The best way to describe your response is bullshite. I work in IT and all too often, the reason for a security breach is not the company personnel or higher-ups bypassing security policies. Getting in through a third party contractor (supply chain attack) is currently the most probable path for an attack. Remember the Solar Winds breach? Most likely done by a nation-state hacking group called Nobelium who used a supply chain attack. Add in zero day attacks using discovered but not patched flaws in software, malware introduced by multiple methods, insider threats, social engineering, etc.

At my current employers, we have implemented as close to a zero trust environment as we can do and still allow the network access required for people to do their jobs. We've segmented the network to prevent lateral migration. We have done our due diligence and are far ahead of where we were when we started the security improvement project. We have done and are still doing ongoing security training for staff (as one company calls it, the human firewall). We do a lot of automated analysis of network traffic, logins, etc. And yet, we still worry about ransomware, data theft and ghod alone what else.

And yes, I know I sound paranoid—I just don't know if I am paranoid enough. The only way I will know is when we get hacked and then we'll find out if our disaster recovery plan is worth the time and money spent on it.
DNSB is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ADE Security Update & Security of Old Versions bookmarked General Discussions 9 03-09-2016 09:40 PM
Strange Incident - New PW feature johnnyb Amazon Kindle 4 08-14-2013 09:06 AM
Book price incident ! carpetmojo General Discussions 10 09-28-2011 03:49 PM
Puppy Throwing Incident TGS Lounge 14 07-04-2010 07:50 PM
Macmillan Publishing Solutions launches mobile reader service grimo1re News 2 02-04-2008 11:25 AM


All times are GMT -4. The time now is 08:27 AM.

Contact Us - FAQ - Guidelines - Privacy - Top

MobileRead.com is a privately owned, operated and funded community.