<

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

Cyber attack on Premium Credit

Published on
3,201 Points
201 Views
Last Modified:
Editors:
Adrian McGarry
Information is at the heart of my experience in IT, with over 20 years as a Data Protection Officer.
On Sunday 16th September 2018 at 9.30am, Premium Credit - a number one insurance premium finance company in the UK and Ireland came under cyber attack.

The cyber attack on Premium Credit  


On Sunday 16th September 2018 at 9.30am, Premium Credit - a number one insurance premium finance company in the UK and Ireland came under cyber attack.


For over 25 years, Premium Credit has helped businesses and individuals pay for their insurance. They provide the finance to pay annual fees such as professional fees, membership subscriptions, commercial service charges, and school fees.


Premium Credit go offline!


The cyber incident on Sunday interrupted services and Premium Credit took immediate action to protect the company, their customers and to start a forensic investigation.


Their website was taken offline and nothing of substance so far has come to light.

Tom Woolgrove -  Premium Credit’s Chief Executive


Premium Credit’s Chief Executive Tom Woolgrove said: “We were notified that we were under a cyber incident and it was a proactive decision that we took to take our systems down in order to protect ourselves and our brokers.”

Brokers and customers took to Twitter to complain about the ongoing situation. Premium Credit responded telling customers that they were experiencing system issues. This was followed by another tweet assuring customers that they will not be ‘disadvantaged’ by the issues that they were experiencing.


Yesterday, (19th September) the latest tweet by Premium Credit, confirmed that they are continuing to restore services and will resume trading ASAP. Ongoing investigations indicate that all customer data is safe & secure.

Penalties and canceled agreements


The company has ensured that there will be no penalty payments if payments have not been received and they will not be canceling agreements.


Insurance brokers


Tom Woolgrove said that Premium Credit had been communicating with brokers on a very regular basis - three or four communications a day. Keeping them informed by email, social media and direct phone calls. However, there have been frustrations by some who feel like they are being left in the dark.


Has there been a data breach?


The Premium credit Chief Executive said that he was very confident that there has been no data breach and that customer data remains safe and secure. They are starting to bring their broker systems back online in a considered way to make sure there is no risk to their brokers and no potential for harm because of the nature of the cyber incident.


The ICO


The incident has been reported to the Information Commissioner’s Office (ICO) and the Financial Conduct Authority (FCA) have also been informed. 


The ICO states that ”not every incident relating to a lapse in the security or integrity of a trust service is a breach”.  Its’ guidance under breach reporting clarifies that ”If there is no harm caused, or there is only a minimal effect, this will not qualify as a breach.”


It appears that potentially hackers have locked Premium Credit out of their system but no data has been stolen but we will have to wait to find out.


The impact of the new GDPR is coming to light more and more each day. It is no doubt leaving some companies shaking in their boots, motivating hackers to become even savvier but in the long run, when the creases are ironed out - people will realise that the GDPR is a good thing.

 

Adrian McGarry

 

References:

https://www.insuranceage.co.uk/broker/3604216/premium-credit-explains-taking-system-offline

https://ico.org.uk/for-organisations/guide-to-eidas/breach-reporting/ 

 


0
  • 2
2 Comments
LVL 5

Author Comment

by:Adrian McGarry
Thanks Andrew
0
LVL 5

Author Comment

by:Adrian McGarry
Thank you Andrew
0

Featured Post

Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month