On Tuesday 2nd June 2020, Employability Solutions experienced a hack of our email system.
This involved contacts being sent a request for payment or a link to open a shared file.
We can confirm our system is now completely secure and it is safe to resume email communication.
We can confirm the following action was taken following the discovery of the email system being compromised.
We have fulfilled our legal obligation to notify the Information Commissioners Office (ICO) about this breach. The incident was reported to the Cyber Crime Unit who have supported us to secure our system and there is now an official log of this crime with Merseyside Police. We shared information about this immediately and where possible, via all communication channels, including website and social media.
The following measures were put in place immediately to ensure that we are secure:
- All email accounts had passwords changed and had two-factor authentication activated
- Checks were carried out on all email accounts using Power Shell to identify any rules applied to accounts and these have been actioned.
- We are Cyber Essentials accredited and have completed an assessment of our systems and security, including communications, data storage, sharing protocols etc.
- We have contacted / attempted to make contact with all partners, contractors, schools and companies who we provide services for to ensure bank account details have not been compromised.
- With support from both Word Shed and PPCP IT Support, we have been able to action all recommendations and future proof our IT systems. THANK YOU!
We can confirm that following a forensic investigation into this breach, NO personal or sensitive data pertaining to students, staff or those we work in partnership with was compromised at any point.
We have also taken further steps to improve security moving forward including increasing the use of existing platforms such as Egress or AnyComms.
We want to thank all those involved for bringing it to our attention instantly and therefore helping us to respond immediately. Thank you for your understanding and patience whilst we navigated our way through this new and difficult situation.
If you are still worried that you may have been compromised due to clicking on any links in the email and would like advice or support to secure your email system, please contact us.
If you believe financial transactions may have been compromised, please contact Sarah Riley, Business Manager urgently on 0151 427 4193