Parents Using School Payment Service Have Card Details Comp
Leo Daniels • October 13, 2020
This is a subtitle for your new post
UK school payment service Wisepay has revealed that the card details of parents who made transactions on its site between October 2 and 5 have been compromised.
This was after Wisepay’s website was hacked, resulting in an attacker harvesting payment details via a spoof page. The attack begun on the evening of Friday October 2 and was not noticed until the following Monday morning at 10.00am.
The company, which is “a secure online school payments service, allowing parents and guardians to make cashless payments to their school or college” ranging from exam fees to school meals, temporarily took its site offline in response.
Quoted by the BBC, Wisepay’s managing director Richard Grazier said the site has since come back online and is safe to use. While attempted payments to around 300 schools are believed to have been affected by the attack, Grazier added that “it’s quite a small subset of users of the platform” because the kinds of cashless payments made are not conducted on a daily basis.
Those affected will be identified and contacted by Wisepay.
Commenting on the story, Miles Tappin, VP of EMEA at ThreatConnect
said: “The threat landscape for any organization is massive and finding gaps in security is simply a cat and mouse game for hackers. When it comes to financial organizations, they are seen as a lucrative target as they hold highly sensitive information and have a mandate to protect the personal information of their customers. With WisePay being a financial organization aimed at the education sector, this proved to be a gold mine for hackers.
“No company is immune from the dangers of being compromised. It’s essential that any potential target understands as much as they can about the threats they face and the tools needed to ensure they remain secure. Organizations must prioritise knowing where adversaries are, the tools and techniques they use, and what information adversaries think are most valuable.”
We’re 1-fix, we can help you secure your business
At 1-fix, we take a realistic approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might be and identify actions to take.
Join Our Mailing List
All sign-ups are handled inline with our privacy policy and can unsubscribe at any time.
Recent Blogs
Avoid the risks of using Office 365 Home at work. Learn why Office 365 for business is the right choice for security, scalability, and compliance.
Discover the key benefits of outsourced IT support, from enhanced cybersecurity and 24/7 monitoring to cost savings and regulatory compliance.
Stay cyber secure while travelling with 10 expert tips. Use VPNs, avoid public Wi-Fi, and protect your data on the go.
In a world where AI is changing how we work and compete, security is more important than ever. We are gathering industry leaders and AI experts for a special roundtable event. This event will focus on a key topic: AI security.
Microsoft 365 Business Basic offers a range of cloud-based services designed to empower businesses to work smarter and more efficiently. Let's delve into what this package includes and how it can benefit your organisation.
We’re excited to announce an informative webinar featuring Elliot Wilkie from Brigantia and Craig Atkins from 1-Fix, diving deep into the world of DMARC on 8th July at 2 PM . This is an essential session for anyone looking to secure their email communications, understand DMARC compliance, and enhance their email deliverability.
