From RCIPS

GRAND CAYMAN, CAYMAN ISLANDS – 28 August 2015 – The Cyber Incident Response Team Cayman (CIRT-KY ) announced today that it has been made aware of a cybersecurity breach – commonly known as a ‘hack’ – which has affected the security of the email addresses and passwords of thousands of eCay Trade account holders.

CIRT-KY is the cyber-security arm of the Information and Communications Technology Authority (ICTA) and its mission is to enhance the security and resilience of the Cayman Islands’ critical infrastructure and to maintain a cyber-environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy and protecting the perception and reputation of the jurisdiction..

eCay Trade has published a notice to its users advising them to change their passwords to prevent any unauthorised access to their eCay Trade account.

“We can confirm that a significant amount of users’ information that is linked to eCay Trade accounts have been leaked and this breach has the potential to impact not only users’ eCay Trade accounts but other accounts that they may maintain on the web,” said a CIRT-KY spokesperson. “At this time, we are reiterating eCay Trade’s instructions to users to change their eCay Trade passwords, and would add that it is important that they change any other passwords that are similar to their eCay Trade passwords.”

According to the CIRT-KY spokesperson, Cayman is not immune to cyber-attacks and there has been an increase in both the frequency and the sophistication of attacks. Any business or entity in the Cayman Islands serving customers or conducting transactions over the Internet is strongly encouraged to review and strengthen the security of their systems, processes, and servers. Like businesses with an online presence, individuals also need to take measures to secure their data and their systems.

“We urge users to employ complex passwords – using combinations of alphanumeric characters – for all their online accounts, change those passwords regularly and not use one password for several accounts.”

“Awareness plays a key role in responding to any Cyber Incident,” said a representative from Deloitte Enterprise Risk Services who was responsible for notifying CIRT-KY of the leak. “Cyber Incident Response actually begins before an incident occurs by creating a Cyber Incident Response Plan. A set of proactive and responsive capabilities are required for an organization’s operations to rapidly adapt and respond to Cyber Incidents and continue operations with limited impact to the business.”

Any individual or member of a business entity who suspects a cyber-security breach or vulnerability can email CIRT-KY on [email protected].