Local trade website hack hits 1,000s of users

| 29/08/2015 | 0 Comments

CNS Business(CNS Business): The Cayman-based web directory and trading site, Ecay Business, has been hacked, impacting what the local regulator has said is thousands of user accounts, passwords and email addresses. Users are being urged to change their passwords and any other passwords they use on other sites similar to the ones used on Ecay.

The breech was announced in a release from the Information and Communications Technology Authority which said its Cyber Incident Response Team Cayman (CIRT-KY) had been made aware of the cybersecurity breach or ‘hack’  affecting the security of the Ecay Trade account holders by Deloitte Enterprise Risk Services.

“We can confirm that a significant amount of users’ information that is linked to Ecay Trade accounts have been leaked and this breach has the potential to impact not only users’ Ecay  Trade accounts  but other accounts that they may maintain on the web,” said a CIRT-KY spokesperson from ICTA.

The ICTA also stated that Ecay Trade had published a notice to its users advising them to change their passwords to prevent any unauthorised access to their Ecay Trade account. However, there was no notices on the website Saturday and calls to the office were unanswered and messages enquiring about the situation have not yet been returned.

The ICTA’s cyber security team, however, said users should change their Ecay Trade passwords, and any other passwords that are similar to their Ecay Trade passwords that are used on any other website.

According to the CIRT-KY, Cayman is not immune to cyber-attacks and the team warned of an increase in the frequency and the sophistication of attacks.

“Any business or entity in the Cayman Islands serving customers or conducting transactions over the Internet is strongly encouraged to review and strengthen the security of their systems, processes, and servers. Like businesses with an online presence, individuals also need to take measures to secure their data and their systems,” the cyber officials added.

“We urge users to employ complex passwords – using combinations of  alphanumeric characters – for all their online accounts, change those passwords regularly and not use one password for several accounts.”

A spokesperson from Deloitte Enterprise Risk Services who detected the leak said awareness was key to dealing with any cyber incident.

“Cyber Incident Response actually begins before an incident occurs by creating a Cyber Incident Response Plan.  A set of proactive and responsive capabilities are required for an organization’s operations to rapidly adapt and respond to Cyber Incidents and continue operations with limited impact to the business,” he added.

Anyone or any business who suspects a cyber-security breach or vulnerability can email CIRT-KY on cirt-ky@icta.ky.

CIRT-KY is the cyber-security arm of the Information and Communications Technology Authority (ICTA), which was created to enhance the security and resilience of the Cayman Islands’ critical infrastructure and to maintain a cyber-environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy and protecting the perception and reputation of the jurisdiction.

Tags: , ,

Category: ICT, Local Business, Technology

Please include your email address in the form below if you are using your real name. You can use a pseudonym, with or without leaving an email address, or just leave the form blank to be "Anonymous". All comments will be moderated before they are published. The CNS Comment Policy is at the top of this page.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: