Planet Ice – operators of an ice rink in Bristol – have been hacked and customer data has been compromised. That is the bad news.
The good news is – and I am going to say here that Planet Ice planned this, but I have no evidence, just the benefit of the doubt – that customer financial data was not compromised as Planet Ice had separated that information from their main IT systems and had contracted the finance to another separate company system.
This separation of information is something threat actors hate. They would prefer you to have everything in one place with only a single level access across all your information so when they get in, they can take everything.
So take some time, think about your information and do you compartmentalise it?
Planet Ice did and they protected their customers.
And as long as the customers wee using a unique password, then credential stuffing will not be an option for the threat actors. Of course that is the responsibility of the users not Planet Ice.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
What is Credential Stuffing and why is it a problem for you? – CyberAwake