Cyber-Attack on Microlise Disrupts DHL and Serco Tracking Services

Written by

A cyber-attack targeting telematics provider Microlise has disrupted tracking services for key clients like DHL and Serco while exposing some employee data.

The company, which supplies asset-tracking software to large corporations, announced the breach on October 31. Following the disclosure, Microlise’s stock price dropped by 16%, and the company has been working to restore its systems by the end of the week.

The attack compromised “some limited employee data,” according to Microlise’s statement to the London Stock Exchange, although the company has indicated that customer data was not affected.

Microlise has engaged third-party cybersecurity specialists to assist in containing the incident and restoring systems. The company is also notifying affected employees in line with regulatory guidelines, including informing the Information Commissioner’s Office.

Key impacts on clients include:

  • Serco: Tracking and panic alarms in prison transport vehicles were disabled, forcing crews to rely on alternative safety measures, such as checking in every 30 minutes and using paper maps. Despite the disruption, Serco maintained that its services for the Ministry of Justice were not interrupted.

  • DHL: Delivery tracking for the Nisa Group was affected, hindering supply chain operations. DHL has since resumed tracking capabilities but did not disclose details on specific impacts to its delivery schedules.

Read more on supply chain vulnerabilities: Supply Chain Attack Uses Smart Contracts for C2 Ops

This attack on Microlise highlights the risks associated with supply chain disruptions. Cybersecurity expert James Neilson, SVP international at OPSWAT, commented that such incidents illustrate the need for businesses to strengthen supplier security policies.

“As a trusted technology provider, Microlise’s role in asset tracking made it an appealing target for attackers. Cybercriminals increasingly understand that disrupting a single supplier can have far-reaching effects across multiple clients,” the executive said.

“In an era of frequent, high-impact cyber-attacks, only a coordinated approach that identifies risks and enforces controls across the digital supply chain – supported by strong cyber hygiene and resilient security measures – can prevent service disruptions and data breaches.”

Image credit: Belish / Shutterstock.com

What’s hot on Infosecurity Magazine?