What Can We Learn from the World’s Biggest Data Breaches?
With the rise of the internet and our increasingly digitally dependent world, the prevalence and impact of cyberattacks has increased exponentially. Firms that have successfully transitioned into the digital age recognize the importance of investing in reliable network defenses to secure their data. Sadly, the shifting landscape has made firms more vulnerable to data breaches. There’s no manual on how best to prepare for a data breach, but it can’t hurt to take lessons from a few of the largest and most recent data breaches in the world.
- Marriott Hotels: In November 2018, Marriott reported that 500 million guest records had been compromised in a breach of their Starwood reservation system. Marriott officials to the attack in September 2018, which led to an investigation by Marriott and external security specialists that exposed the largest breach since Yahoo’s hack in 2013. The investigation revealed hackers had been stealing names, addresses, credit card information and more from Starwood hotels – including Sheraton and St. Regis – since 2014.
- What can we learn? Firms that take cyber security seriously and do everything possible to protect internal data – including training employees on security best practices – have the best chance of minimizing damage after a breach.
- LocalBlox: On February 18, 2018, the UpGuard Cyber Risk team realized LocalBlox’s cloud storage repository had exposed over 48 million personal records to the internet. The dataset – which included names, addresses, birthdates and more – had been scraped from exposed source fields and sites like LinkedIn, Facebook and Twitter. This lapse in security was the result of a misconfiguration of a S3 storage bucket, however, the implications warrant concern that exceeds that of a simple accident. Hackers could monetize on the information by connecting the list of exposed identities with online behaviors and, therefore, learn how to persuade people on the list.
- What can we learn? Check and double-check your IT practices. A small oversight has the potential to jeopardize your clients (and your employees) and tarnish your company’s reputation.
- Mossack Fonseca: In April 2016, an anonymous source leaked 2.6 terabytes of sensitive client data to German newspaper Süddeutsche Zeitung, asking for nothing but anonymity in return. A thorough investigation of the dataset (which became known as the Panama Papers) yielded millions of internal documents from law firm Mossack Fonseca. Investigative journalists poured over emails, PDF files and photos, uncovering the activities of criminals, politicians, and athletes.
- What can we learn? Patch old security vulnerabilities and keep your security processes current. Diversify your security measures so your entire network isn’t exposed if one system is compromised.
AbacusNext provides fully compliant and secure solutions that feature essential data security protocols. Secure, digital workspaces like Abacus Private Cloud can help protect firm and client data in the event of a data breach.