The Top 5 Data Breaches of 2017
In 2016 46% of businesses experienced and reported, data breaches of some kind.
Data is big business. So, this type of crime will increase, unless companies start taking measures to secure their data. Keeping company and customer data under digital lock and key is one of the cornerstones of a robust IT infrastructure. But, even some of the biggest companies in the world have experienced data breaches.
Here, we look at some of the top data breaches of 2017, how they were handled and what lessons were learned (if any).
Up to 245,000 UK customers of the payday loan company were affected when names, addresses, phone numbers and bank account details were stolen. The company said it would urgently investigate. It proactively contacted customers and set up a help page and phone number for anyone concerned about data breaches. At the time of this incident in April, it was believed that it was one of the biggest data breaches of a UK company involving financial details.
While this information seemed ‘leaked’ rather than ‘hacked’ this suggested that it was easy to download and pass on. With any data, systems should ensure that employees with this level of access are traceable in the system with encryption and processes that make removing and passing on data of this magnitude very difficult to do without being caught or stopped.
A global email server for the financial advisory giant was hacked giving cyber criminals access to details of both staff and customers. This included usernames, passwords and IP addresses. Deloitte was not using two-step authentication on its email server. Although the company confirmed the hack, they said only a small number of clients who were affected were notified. They then carried out a full security protocol investigation.
Ridesharing app Uber had to admit that it had suffered a huge data breach. The names, email addresses and phone numbers of 57 million people, including customers and drivers, got into the wrong hands. It also had to admit to paying a huge £75,000 to have hackers delete that data. This is not the best way to tackle data breaches because it can encourage copycat incidents. Responsibility lay with two people outside of the company who had accessed user data on a third-party cloud-based service. The data breach was therefore not down to Uber’s own systems or infrastructure. But, this shows the importance of securing all of your systems end-to-end to prevent cyber criminals from abusing any loopholes.
As part of a global ransomware attack in May, doctors and hospitals in England were forced to cancel appointments, ambulances were diverted and patients were turned away when their systems were hacked and infected. Data was scrambled and demands were made for payment to get the information back in the right hands. Although no patient data was compromised, it exposed the NHS to the huge threat of data breaches. A large-scale and critical organisation like the NHS needs to safeguard its valuable data. This attack no-doubt acted as a wake-up call on measures it must take to protect such data breaches from happening again.
Cyber crime is costing UK businesses over £30bn in 2016. With GDPR rules coming into play, businesses risk fines of hefty amounts if they do not store their data securely. The question is can you afford not to protect your business against data breaches?
At LinkIT, we can provide you full peace of mind against data breaches with a cyber security audit and ongoing managed services. Contact us to find out more about how to get your IT covered and compliant.