In any given month, thousands of organizations worldwide may suffer a data breach.
A study sponsored by the UK government estimates that 65% of large organizations are affected in any given year and 25% of large businesses are targeted at least once per month. Not every data breach hits the news, but the organizations that gather media attention following an incident can offer invaluable lessons for the rest of us.
There's no question that data breaches are the epitome of a public relations disaster. Research conducted by OnePoll and Semafone in 2014 indicates that 86% of consumers are hesitant to make purchases from companies that have been breached. While a security incident isn't always a one-way ticket to bankruptcy, it can often spell financial troubles and a lack of customer trust for months, if not years, following the incident.
To help you avoid being the subject of media interest and customer panic, we've curated a list of seven high-profile security incidents and what they can teach the rest of us.
1. Target
Target was not without security at the time of the well-known breach. There have been many theories suggesting malware. It was reported the malware was installed on POS machines prior to discovery with multiple antivirus tools not detecting the malware.
Many intrusion detections or file integrity monitoring solutions offer poor built-in intelligence, which can make it difficult to tell the difference between normal file changes and a security incident. In other cases, constant meaningless notifications can lead to alert fatigue. A FIM solution that differentiates between alerts can provide 'smart' notifications and facilitate real-time action to stop a threat in its tracks.
2. Cogent Health Care
Cogent Healthcare suffered a data breach in 2013 that lead to the disclosure of 32,000 patients' electronic personal health information (ePHI). In 2013, HIPAA Journal wrote that a third-party contractor stored patient data on a website with an inactive firewall, which made the information accessible to the general public via indexing in Google search results.
3. OPM
The U.S. Office of Personnel Management's (OPM) 2015 data breach affected an estimated 20 million people, including federal employees, family members, contractors, and job applicants. NPR noted that the exact method of entry is unknown, although a third-party contractor's website is a possibility. Since the breach, OPM has significantly revised their security methodologies with the help of the Department of Defense.
4. Ashley Madison
In July 2015, extramarital affairs network Ashley Madison was subject to a very public data breach which lead to the personal information disclosure of 32 million users. While the initial means of gaining entry to Ashley Madison's network is not disclosed, Forbes' attributed the intent of the attack to "hacktivism," or ethically-motivated criminal activity in 2015. Similarly controversial or politically-based organizations may be at increased risk for hacktivist targeting.
5. Jimmy John's
Point-of-sale systems (POS) can represent a major point of vulnerability for organizations in retail, hospitality, and food services. Fast-and-casual sandwich chain Jimmy John's choose to outsource POS management to a third-party vendor and subsequently suffered the theft of card data from hundreds of their restaurant locations for a period of about 3 months.
In 2014, KrebsOnSecurity wrote this was caused by a brute-force attack on a third-party POS vendor employee's credentials, which allowed cybercriminals to push card skimming malware out to hundreds of locations en masse.
6. Anthem
Anthem, the second-largest provider of insurance in the U.S., suffered a security incident with data loss for two months before the attack was finally detected. Initial entry to Anthem's system was likely gained via a watering hole attack, which is defined as the infection of malware on a website that is frequented by a firm's employees. This form of attack is used to gain entry via contractors, entry-level employees, or other individuals who may be vulnerable to security threats.
The breach was finally discovered by one of the organization's database administrators (DBA), not a member of their information security team. CSO Online stated in 2015 that a DBA detected unusual activity originating from their account.
7. Hacking Team
In one of the most ironic security incidents in recent history, an Italian cybercrime group known as "Hacking Team" was breached. It's hard to muster much sympathy for this organization, especially considering they were in the business of selling advanced persistent threats to governments with what Network World calls "sketchy human rights records."
It was determined the downfall was caused by terrible credential management. One of their engineers had the network password of "Passw0rd," which allowed for very easy brute-force access. Data gleaned from this breach revealed the extent of the organization's crime and PII theft.
How to Avoid the Embarrassment of a High-Profile Data Breach
Is there any single takeaway from the most infamous data breaches in recent years? Even big brands with highly sophisticated security personnel can make mistakes. Security is hard, but this doesn't mean you should throw up your hands and resign yourself to a data breach. It means adopting the technical safeguards needed to make your job easier, so you can focus on comprehensive policy and vendor management.
CimTrak is an easy-to-use tool for comprehensive IT security in the modern age. An attack vector independent tool for real-time security incident detection and remediation, it can fill in where your other technical and human safeguards fail and provide intrusion detection, vulnerability assessments, patch management, access control, and antivirus and anti-spam mechanisms.
To learn more about how Cimcor's full suite of security products has the strength to prevent data breaches, click here to request a complimentary demo, or download our technical summary today.
