Monthly Archives: October 2020

Home / 2020 / October

5 Biggest Data Breaches Of The 21st Century

Data breaches occur when hackers infiltrate a computer network system and access sensitive information.  This can include financial records, security numbers, passwords and personal identifying information.

In the 21st century, data breaches affecting hundreds of millions or even billions of users are gradually becoming the order of the day. In this post, we will explore five biggest data breaches in recent memory.

1.     Yahoo

Yahoo fell victim to the biggest data breach in history so far. Back in 2014, amidst sales negotiations with Verizon, Yahoo experienced a data breach affecting all of its 3 billion user accounts.

The information stolen from its computer network included names, emails, hashed passwords, dates of birth, and security questions. The data breach was so bad that it compelled Yahoo to sell to Verizon at $350 million less than previously planned. Yahoo claimed that the attack was state-sponsored activity,

2.     First American Financial Corporation

The 2019 data breach of First American Financial Corporation exposed 885 million records. These records contained sensitive information including social security numbers, bank account details, mortgage information, and wire transactions.

The breach exposed information dating as far back as 2003. The company was mostly to blame for its complete lack of security. Its records had no form of encryption, making them extremely vulnerable to data breaches.

3.     Marriott International

A 2014 hack of Marriot International exposed 500 million records. The hack led to the leak of hard to find data such as travel schedules, passport numbers, and contact information.  It was not discovered until 2018.

Recently, Marriott has been the victim of yet another data breach exposing more than 5.2 million accounts between January and February 2020.

4.     Equifax

Equifax is one of the leading credit bureaus in the US and experienced one of the biggest data breaches in the 21st century.  A vulnerability in the company’s website compromised the personal information of 147.9 million customers.  Some of the stolen information included birth dates, social security numbers, driver’s license numbers, addresses, and credit card data.  Unfortunately, the company was partly to blame for the breach due to failure to segment its systems or to patch security vulnerabilities.

5.     eBay

eBay fell victim in 2014, revealing passwords, names, email addresses and dates of birth of all of its 145 million users.  Interestingly, the breach occurred over 229 days, during which hackers had complete access to the company’s network. The hackers used the credentials of three top corporate employees to infiltrate eBay’s computer network.

Even though hackers exposed this information, the breach did not affect the bottom-line of the company.  However, it did lead to a significant decline in user activity.

Protecting your Business from Data Breaches

Cyber security continues to be an elusive goal for many companies.  This is especially true for those with sensitive data such as addresses, contact information, credit card or bank details, and personal identifying information. Therefore, this data is usually the target of identity thieves.

Detecting a data breach is usually the most crucial step in responding to and mitigating the effects of the breach.  Thus, you can detect a breach by hiring cyber security experts, updating your technology and employee education, and by constantly monitoring your organization.

5 Cyber Security Best Practices For Your Business

Cyber attacks are a growing concern for small and medium enterprises. Some research findings reveal that 43% of cybercrimes target small businesses, and 60% of small companies that fall victim to a cyber attack are out of business within just six months.

As a small business owner, you don’t want to be the next victim. Here are five cybersecurity best practices your business should implement:

1.     Use a firewall and antivirus software

Firewalls provide a barrier between your computer network and cybercriminals. Firewalls work by assessing the data packets which arrive at your computer network.  They either accept or reject them based on the data they contain.

Your business should invest in both hardware and software firewalls to monitor incoming data for risks that could expose your business to attacks.

Use antivirus software in addition to firewalls to add an extra layer of security against threats that manage to get past the firewall.

2.     Keep your software updated

In a highly automated environment, it is easy for business owners to rely on automatic software updates.

But if you are concerned about the security of your data, you must ascertain that your operating systems and software are up-to-date (and that you are using high-quality security software).

Software updates look for and fix potential weaknesses that criminal hackers could exploit. Therefore, by having the latest software updates, you protect your business data from the vulnerabilities of older software.

3.     Train your employees

Employees are one of the greatest risks to your business. This risk stems from unawareness on the importance of cybersecurity and of the protective measures they can take to keep your business safe, such as installing firewalls to their home networks.

Employees are also vulnerable to phishing scams, which cybercriminals could use to install malware onto your computer network.

Cybersecurity education should not end with the IT department, but should reach every employee. Educate them on cybersecurity measures, your business’ cybersecurity policies, ways of identifying cybersecurity breaches, and responses to such incidents.

4.     Back up your data regularly

Cyber-attacks can happen to the most protected system, and your business should be ready for this eventuality. Back up all your data, including documents, spreadsheets, databases, financial and other business files to the cloud or on separate hardware devices.

You should store these backups in separate places for added security, preferably at an offsite location or in the cloud.

Your business should implement cloud computing (for easy and efficient backup systems) and a local back up in case the data on the cloud falls prey to cybercriminals.

Backing up data protects businesses from loss in case of natural disasters, human errors, ransomware, and hacking.

5.     Set strong passwords and multifactor authentication

Lost, stolen, and weak passwords lead to about 63% of data breaches , which should inspire businesses to enforce their password policies.

Businesses should use strong passwords that contain a mix of lower and upper case letters, numbers, and symbols. They should also change these passwords every 60-90 days.

Multifactor authentication adds an extra layer of security to strong passwords by requiring additional steps before one access your business data. Therefore, even if a cybercriminal manages to crack your password, the multifactor authentication could prevent further access.

Final word

Cybercriminals keep advancing and finding better ways to breach security systems. Your business security depends on a proactive approach in implementing security measures such as the use of firewalls, antivirus software, employee training, regular data backups, strong password policies, and multifactor authentication.