GB Aviva PLC May 2014 Hacking (Q9452)
From Open Risk Manual
A data breach risk event
Language | Label | Description | Also known as |
---|---|---|---|
English | GB Aviva PLC May 2014 Hacking |
A data breach risk event |
Statements
6BA5B1DA-7892-4261-91EB-CFA9903EA22A
May 2014
0 references
Mobile device management systems at insurance giant Aviva UK were last month hit by an attack purportedly based on the Heartbleed exploit, although the firm denies this that appeared to allow the perpetrator to royally screw with workers iPhones.The insurance giant has played down the breach but El Regs mole on the inside claims Aviva is in talks about moving to a new platform in the wake of the incident. Aviva was using BYOD service MobileIron to manage more than 1,000 smart devices such as iPhones and iPads. On the evening of the 20 May, a hacker compromised the MobileIron admin server and posted a message to those handhelds and the email accounts, according to our source.The hacker then performed a full wipe of every device and subsequently took out out the MobileIron server itself.Hac (English)