Zephyr Energy loses £700K in cyber hit that rerouted contractor payment
Summary
Zephyr Energy plc has lost approximately £700,000 due to a cyber incident where attackers successfully rerouted a payment intended for a contractor to their own account. The company is now attempting to recover the funds after the breach compromised their payment process.
IFF Assessment
FOE
This incident represents a successful financial crime enabled by a cyber attack, leading to direct monetary loss for the victim organization.
Defender Context
This incident highlights the persistent threat of Business Email Compromise (BEC) and payment diversion fraud. Defenders should focus on implementing multi-factor authentication for financial systems, robust email filtering, and mandatory verification processes for payment changes, especially for significant sums.