
Nixon Williams in Dec 2022 informs customers about cyber attack in Jan 2022



    Had this from them. Months after asking if I was affected.

    I am writing to you about a cyber security incident that affected Nixon Williams Limited earlier this year.

    The reason I am writing to you now is that we believe that during the incident personal information belonging to you was copied from our systems by an unauthorised third party and subsequently published online.

    I want to sincerely apologise for this. In this letter I’ve sought to explain the incident, detail the information involved, provide you with some guidance and outline the steps that have been taken in response.

    What happened?

    In January, Optionis (the parent company) became aware of a security issue in which a cyber criminal group accessed our IT systems and copied data which they subsequently published on the dark web. We immediately took steps to address the issue, including working with third-party IT cyber security experts to investigate, manage and resolve the incident.

    Regrettably, the process of identifying the information that was copied from our systems and published online has taken several months. I am very sorry that it has taken some time to notify you. We worked with highly experienced IT security experts and drafted in a large team of people to carry out the work of analysing the affected data to accurately, and as quickly as reasonably possible, assess the impact on individuals.

    What information about you was affected?

    We have identified evidence that data copied from our systems relating to you includes:

    Name

    Address

    Date of birth

    NI number









    What should you do next?

    GENERAL

    Given the nature of this information, we wanted to let you know about the incident and share some guidance on what you should do next. We recommend that you exercise increased vigilance in all matters relating to your personal details.

    In particular, it is good practice to:
    • Check that all details for direct debits are up to date, and delete any that are no longer needed;
    • Check bank accounts regularly, and contact the bank if you see any transactions you do not recognise;
    • Be suspicious if anyone contacts you by email, phone call or text message asking you to confirm your direct debit details; and
    • Enable two-step authentication on all your online services.

    We are offering those affected 12 months of credit and identity monitoring at no cost through Experian Identity Plus, the UK’s leading credit monitoring service. The monitoring is purely precautionary but helps detect possible misuse of your personal data and you will be able to receive regular alerts to notify you if there are significant changes on your credit report. The details on how to register for this service are at the bottom of this letter.







    Our response and next steps

    We take data security very seriously and we are deeply sorry for the inconvenience this incident may have caused. We have responded by taking the following measures:
    • We launched an investigation led by expert cyber forensic specialists – who also advised us on steps we can take to improve our cyber security.
    • We reported the incident to the relevant organisations, including the police and the Information Commissioner’s Office (ICO).
    • We have further strengthened our cyber defences by enhancing existing systems and deploying more advanced threat protection measures, including a specialist security monitoring tool.

    No organisation can completely eliminate the threat posed by cyber criminals, however, we are committed to learning the lessons from this incident.

    We appreciate that you may have some questions once you have had time to read the above. If you would like more information, please call our dedicated assistance line (managed for us by Experian) on 0800 881 5181, Monday to Friday, anytime between 8 am and 6 pm (GMT).

    Yours sincerely,

    Doug Crawford

    CEO, Nixon Williams Limited 

    Your Complimentary Experian Identity Plus membership

    To help you to monitor your personal information for certain signs of potential identity theft, we are offering you a complimentary 12-month membership to Identity Plus. This service helps detect possible misuse of your personal data and provides you with identity monitoring support, focussed on the identification and resolution of identity theft.
    ⭐️ Gold Star Contractor

    #2
    I wonder if HMRC bought it off the dark web to aid their MSC investigations?
    'CUK forum personality of 2011 - Winner - Yes really!!!!



      #3
      It's been so long that my first thought was that this was a phishing e-mail.

      It wasn't sent from a Nixon Williams e-mail address, it came from someone at adaresec.com and I've never heard of them.
      The Experian and Unsubscribe links look decidedly dodgy, but appear to be MailJet tracking links.



        #4
        Same here. I noticed the email was sent by a dodgy-looking address, not Nixon Williams themselves, making me ask NW to confirm its authenticity. It turns out the email really is genuine.

        Oh, and the complimentary Experian activation code in the email doesn't work either.



          #5
          Originally posted by northernladuk
          I wonder if HMRC bought it off the dark web to aid their MSC investigations?
          They won't need to buy it. GCHQ would already have passed on relevant information. I reckon.
          Public Service Posting by the BBC - Bloggs Bulls**t Corp.
          Officially CUK certified - Thick as f**k.



            #6
            Originally posted by northernladuk
            I wonder if HMRC bought it off the dark web to aid their MSC investigations?
            They wouldn’t need to - it was made freely available on the same dark web. Its distribution limited only by the sheer file size being hosted by servers that were getting involuntarily DDOS’d by so many requests to download it.
            ⭐️ Gold Star Contractor



              #7
              I've noticed that there is a company offering some sort of group action/claim against NW, Parasol, SJD and the rest.

              https://www.kellerpostman-databreach...parasol-group/

              That said, they seem like the sort of ambulance chaser company that starts up a bit of action after every Cyber attack and gives you £2.50 at the end once they've deducted their fee.
              ⭐️ Gold Star Contractor



                #8
                I had the same today in my junk mail and it was addressed to my full name. Came from notifications at optionis dot co dot uk.


                I find it odd as it went to an email that I don't use for company/contracting stuff.

                qh
                Last edited by quackhandle; 13 December 2022, 21:19.
                He had a negative bluety on a quackhandle and was quadraspazzed on a lifeglug.

                I look forward to your all knowing and likely sarcastic and unhelpful reply.



                  #9
                  Originally posted by quackhandle
                  I had the same today in my junk mail and it was addressed to my full name. Came from notifications at optionis dot co dot uk.


                  I find it odd as it went to an email that I don't use for company/contracting stuff.

                  qh
                  I had the same actually. They emailed my business and my non-business - I might’ve accidentally emailed my accountant from my personal and I’m guessing they harvested it from that (via the data dump itself, or accountant address books)
                  ⭐️ Gold Star Contractor



                    #10
                    Got the same email. I left NW 10 yrs ago, annoyed they are still holding my info for that long after not being a client.
                    Last edited by BoggyMcCBoggyFace; 13 December 2022, 21:55.
