Weekly podcast: O2 customer data, ransomware, and this month’s breaches

This week, we discuss O2 customer data appearing on the dark net, a new affiliate programme for ransomware, and this month’s list of data breaches and cyber attacks.


Hello and welcome to the IT Governance podcast for Friday 29 July. Here are this week’s stories.

News broke this week of O2 customer data appearing on the dark net. Multiple news sites reported that login credentials for O2 customers were for sale, but, when digging a little deeper, it’s been found that O2 hasn’t suffered a breach. The customer details, while legitimate, were credentials stolen from separate breaches. These customers used the same credentials on multiple sites – which, for obvious reasons, is a bad idea.

O2 issued a statement saying: “We have not suffered a data breach. Credential stuffing is a challenge for businesses and can result in many company’s customer data being sold on the dark net. We have reported all the details passed to us about the seller to law enforcement and we continue to help with their investigations.”

The developers of well-known ransomware Petya and Mischa have officially made their malicious software open to the public.

The “ransomware as a service” (RaaS) programme launched this week pays out distributors based on how many bitcoins they extort from their victims. If the distributor collects fewer than five bitcoins a week, they get to keep only 25 percent of the payments.

We’ve often spoken about how cyber criminals operate in ways similar to a legitimate business, and this new affiliate-style programme is a perfect example.

Security expert Lawrence Abrams explained the new programme, saying: “Unlike other ransomware services, the Petya & Mischa RaaS requires potential affiliates to send in a small amount of bitcoins, which equates to ~$1.00 USD, in order to register. Though this is not a lot of money, the RaaS states it is being done to ‘discourage timewasters and kiddies’. They further state that this money will be refunded in the affiliates first revenue share payment.”

Finally, it’s almost the end of the month, which means that we’ve published our monthly list of data breaches and cyber attacks. At the time of this recording, we’ve calculated that there have been over 33 million known leaked records in the month of July – which is far less than June’s 289 million.

To view the list of this month’s breaches, visit our UK blog at itgovernance.co.uk/blog/.

Well, that’s it for this week. Don’t forget to comment below, telling us a bit about yourself and what you’d like more information on. And, until next time, remember that you can keep up to date with the latest information security news on our blog.

Whatever your cyber security needs – whether regulatory compliance, stakeholder reassurance or just greater business efficiency – IT Governance can help your organisation to protect, comply and thrive. Visit our website for more information: itgovernance.co.uk.