Originally posted by PerfectStorm
View Post
- Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
- Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Nixon Williams hit by Cyber Security incident
Collapse
X
Collapse
-
Public Service Posting by the BBC - Bloggs Bulls**t Corp.
Officially CUK certified - Thick as f**k. -
Jesus, I'm glad I got out when I did https://uk.trustpilot.com/review/www.nixonwilliams.com⭐️ Gold Star ContractorComment
-
Originally posted by PerfectStorm View Post
Oh great.
Anyone been able to pull all the files down to check their exposure? I've tried but the server is taking a hammering.
At first sight: a lot of spreadsheets, PDFs, scans of passports... doesn't appear to be benign data in any sense.
You can email Doug Crawford to ask why his amateur oversight resulted in this hack, but you will just get an out of office response that he isn't in the office.
[email protected]Comment
-
Originally posted by agentzero View Post
What server are you downloading from? The first one I've looked at has a lot of raw database files that are not formatted, or have been sanitised before being dumped into a database file. There are no passport details but there is everything else an identity thief would want.
It's mentioned in the article - Vice Society's blog, which is available on the clear net by appending .ly to the TLD - you'll be on the right track if you find a purple coloured website where the first link is a link to the Optionis files, presented as an HTTP folder full of files.
⭐️ Gold Star ContractorComment
-
Originally posted by PerfectStorm View Post
I won't link it here, but it's all absolute files - PDFs, images, spreadsheets - nothing as complex as a database and so many files the index.html won't finish loading while it's still on the "A"s. Seems to contain every file the company ever owned, or something close to.
It's mentioned in the article - Vice Society's blog, which is available on the clear net by appending .ly to the TLD - you'll be on the right track if you find a purple coloured website where the first link is a link to the Optionis files, presented as an HTTP folder full of files.
Public Service Posting by the BBC - Bloggs Bulls**t Corp.
Officially CUK certified - Thick as f**k.Comment
-
Originally posted by agentzero View Post
What server are you downloading from? The first one I've looked at has a lot of raw database files that are not formatted, or have been sanitised before being dumped into a database file. There are no passport details but there is everything else an identity thief would want.
You can email Doug Crawford to ask why his amateur oversight resulted in this hack, but you will just get an out of office response that he isn't in the office.
[email protected]Public Service Posting by the BBC - Bloggs Bulls**t Corp.
Officially CUK certified - Thick as f**k.Comment
-
Originally posted by PerfectStorm View Post
I won't link it here, but it's all absolute files - PDFs, images, spreadsheets - nothing as complex as a database and so many files the index.html won't finish loading while it's still on the "A"s. Seems to contain every file the company ever owned, or something close to.
It's mentioned in the article - Vice Society's blog, which is available on the clear net by appending .ly to the TLD - you'll be on the right track if you find a purple coloured website where the first link is a link to the Optionis files, presented as an HTTP folder full of files.
The data released isn't the full set, for certain. It's a mix of NW, Clearsky, Parasol and SJD. It seems to be an initial release. I would think Vice are in contact with Optionis to negotiate some crypto before releasing the rest in sets. The summary in security circles is that Vice managed to export everything, which means that the number of files must be in the hundreds of thousands. TrustPilot does reflect the reality, people are angry and are right to be angry.
Why are there .FLAC music files on optionis servers? For staff to relax to after a hard live chat session?Comment
-
For those who have had data stolen Cifas Protective Registration
https://www.cifas.org.uk/pr"You’re just a bad memory who doesn’t know when to go away" JRComment
-
Originally posted by agentzero View PostWhy are there .FLAC music files on optionis servers? For staff to relax to after a hard live chat session?
Comment
-
Interestingly, they haven't notified former customers of any breaches.
This means one of two things, that nothing was breached for customers they don't have any more... or data was breached, and they're failing in their statutory duties.
Which do you think it is?⭐️ Gold Star ContractorComment
- Home
- News & Features
- First Timers
- IR35 / S660 / BN66
- Employee Benefit Trusts
- Agency Workers Regulations
- MSC Legislation
- Limited Companies
- Dividends
- Umbrella Company
- VAT / Flat Rate VAT
- Job News & Guides
- Money News & Guides
- Guide to Contracts
- Successful Contracting
- Contracting Overseas
- Contractor Calculators
- MVL
- Contractor Expenses
Advertisers
Contractor Services
CUK News
- Reports of umbrella companies’ death are greatly exaggerated Today 10:11
- A new hiring fraud hinges on a limited company, a passport and ‘Ade’ Yesterday 09:21
- Is an unpaid umbrella company required to pay contractors? Nov 26 09:28
- The truth of umbrella company regulation is being misconstrued Nov 25 09:23
- Labour’s plan to regulate umbrella companies: a closer look Nov 21 09:24
- When HMRC misses an FTT deadline but still wins another CJRS case Nov 20 09:20
- How 15% employer NICs will sting the umbrella company market Nov 19 09:16
- Contracting Awards 2024 hails 19 firms as best of the best Nov 18 09:13
- How to answer at interview, ‘What’s your greatest weakness?’ Nov 14 09:59
- Business Asset Disposal Relief changes in April 2025: Q&A Nov 13 09:37
Comment