The NSRA (National Smallbore Rifle Association) has notified its members regarding possible fraud and cybercrime threats against them after a breach occurred on the company’s IT systems. The company revealed the incident earlier last month and contacted a United Kingdom-based association to aid them in addressing the attack.
The company’s IT systems remained operational. Their initial investigation revealed that no funds had been lost, and they will continue to study the attack and disclose new information.
NSRA also assured its members that the attack had not affected any membership portal, alongside working with law enforcement agencies to investigate the incident.
NSRA claimed that the attack had targeted its legacy servers.
According to NSRA, the cybercriminal operation has targeted their legacy servers that hold working documents, which is not a complete database. Unfortunately, the company could yet identify the affected individuals since they have no access to the affected servers.
The company urges members to update or change their account passwords while uncovering details about the incident.
Researchers believe the attack against NSRA could target its members with fraud or identity thefts as these attacks commonly sell and trade data. Threat actors typically impersonate the targeted organisations through cold calls or phishing emails. They tend to offer help or masquerade as police that pretends to investigate the breach.
Members should be vigilant of unwanted communication and attachments in emails which could include infectious entities. Additionally, potential targets should analyse the legitimacy of any unwanted emails to prevent falling victim to such threats.
Cybersecurity experts claim that UK gun owners will be the primary target for these attacks since criminal gangs will likely employ hackers to target and intercept weapons. UK NSRA members will surely experience these attacks since owning a gun in the United Kingdom is not as easy as in the United States.
Attackers will likely execute their fraud campaigns to try to acquire these weapons since the data breach incident has only targeted the information of gun owners.
