‘Human error’ let criminals hack Sepa’s systems with £42m unaccounted for
News and information from the Advent IM team.
- by Olivia Lawlor-Blackburn
- Industry News
SCOTLAND’S auditor general has revealed that a huge cyber attack on the Scottish Environmental Protection Agency (Sepa) was carried out after “human error” allowed criminals to access systems.
Sepa suffered a huge ransomware attack on Christmas Eve in 2020 which led to around 1.2GB of data, amounting to at least 4,000 files, being stolen.
An investigation by Police Scotland concluded it likely that an international serious organised crime group was responsible for the extortion attempt
Auditor general Stephen Boyle told MSPs on Holyrood’s Public Audit Committee that “the majority of Sepa’s data, including underlying financial records were encrypted, stolen or lost”.
“There’s likely to have been an element of human error that has allowed the route in to Sepa’s systems.
“No matter how much preparation is done these events do happen, even in well prepared organisations with high levels of maturity.”
Read via Herald Scotland