Empresa
Web Inoxtruckwww.ulmainoxtruck.com

USM resolves March cyber incident

 

26 May 2023. USM regrets to report that it suffered a ransomware attack on 14 March 2023. The company reported the incident to cybersecurity and data-protection authorities, collaborating with them and technical experts to determine precisely the implications of the incident. All communications have been re-established and data security is once again guaranteed.

The efficiency of the company’s existing security systems allowed early detection of the incident and activation of its cyber-incident response scheme to mitigate the impact: disconnection and manual analysis of all servers, recovery of backups, creation of working groups to reconfigure the information system, resetting of all login credentials and domain credentials and redefinition of all firewall rules to establish stringent criteria for incoming and outgoing traffic.

It is worth noting that USM operates with its own infrastructures and oversees their security, which means that the incident has not affected other cooperatives of the ULMA Group.

Nonetheless, pursuant to Regulation (EU) 2016/679 (General Data Protection Regulation), we must report that the investigation conducted by the specialists and IT analysts who took part in the management, containment and resolution of the cyber incident has concluded that certain personal information has been compromised by the said ransomware, although it was not stated that this information corresponds to a special category of personal data.

After studying the analysis, we believe it is highly unlikely that there will be any adverse consequences for the affected data subjects. However, we recommend that users remain wary and take the following measures if they receive suspicious messages or email in the coming days.

        Change the PIN of your mobile phone.

        Change the password of your personal email account [rules to consider when changing passwords].

        Secure password: passwords must not be easily cracked by guessing or by automatic means.

 

        Recommended characteristics.

        Include numbers.

        Use a combination of upper- and lower-case letters.

        Use at least eight characters, without blank spaces.

        Include special characters: - * ?¿ !¡ @ # $ / () {} = . , ; :

 

        Seven mistakes to avoid in relation to passwords.

 

        Do not use personal information to form your password (name, date of birth, etc.)

        Do not use keyboard patterns (qwerty) or sequential numbers (1234).

        Do not use only numbers or only upper- or lower-case letters, and do not repeat characters.

        Do not share passwords with others or reveal them to anyone.

        Do not write passwords on a piece of paper or Post-it that you leave on your desk or stick to your computer screen.

        Do not save passwords in a file on the same computer, especially a file that is easily accessed or has an obvious filename (“passwords”).

        Do not use the same password for different applications; you should diversify your passwords.

 

        Examine links carefully before clicking on them, even if they correspond to known contacts.

        Be wary of shortened links.

        Be wary of attached files, even if they are from known contacts.

        Keep your operating system and antivirus programme up to date.

Further information on security measures is available from the Spanish National Security Institute INCIBE-CERT (https://www.incibe.es/incibe-cert) and from the Spanish Data Protection Agency (https://www.aepd.es/es)

Please submit any questions or comments to our data-protection officer:

Martin Etxaniz (martin.etxaniz@manutencion.ulma.es; telephone -– 943 718 033)

Thank you.

Print  Print Send by Email  Send by Email
ULMA Inoxtruck - Obispo Otadui 10 - 20560 Oñati (Gipuzkoa) - Tel. +34 943 848 943 - info@ulmainoxtruck.com