With the slew of massive data breaches in the news recently, like the HBO hacks or the Gmail phishing scam, many businesses may worry that they could be next. And while many breaches are easily preventable, many more are the result of complex, sophisticated cyber attacks that are hard to defend against.
As more and more information moves online, particularly in business, it is critical to protect your customers’ sensitive information. Identity theft is serious—in 2014, ID theft cost Americans $15.4 billion. Anything your company can do to help prevent identity theft for customers will be welcome.
Listed below are some of the worst breaches of the last few years, how they happened, and what you can do to avoid making the same mistakes.
1. River City Media
- When: 2016
- Why/how: Improperly configured backup accidentally placed the entire database online.
- Type: Leak
- Industry: Spam “marketing”
- Number of records exposed: 1.4 billion
The River City Media database leak constitutes the largest single data breach in history, with 1.4 billion individual records compromised. The records largely consisted of email addresses, but some of the entries had additional details like IP addresses, names, and even physical addresses.
This data breach highlights how easy it is for information to go from private to public in an instant. All it took in this case was an error setting up a simple backup. Anybody can make an error, so it’s important to have steps in place to double-check information security. Even a second set of eyes on the backup configuration could have prevented the error that left the database vulnerable.
2. Yahoo
- When: 2013
- Why/how: Unknown
- Type: Cyber attack
- Industry: Web services provider
- Number of records exposed: 1 billion
This attack occurred in 2013 but wasn’t actually discovered and disclosed until late 2016, which is frightening in its own right. Even worse, this was the second massive attack discovered years after the fact by Yahoo, the first being a hack that exposed nearly 500 million records.
The compromised information in this case included names, telephone numbers, and unencrypted security questions that could be used to reset passwords, among other details. Yahoo is not sure how the hackers breached the company’s systems, but it was clear that it was a cyber attack. The company issued mandatory password resets for affected accounts.
The takeaway is that security needs to be at the forefront of any operation that handles customer data, regardless of how sensitive it is. The loss of trust that comes with the theft of personal information can take years to recover from.
3. Deep Root Analytics
- When: 2015
- Why/how: Misconfigured database was left exposed and unprotected.
- Type: Leak
- Industry: Data analytics
- Number of records exposed: 198 million
This breach represents the largest US voter data breach ever. A total of 1.1 terabytes of data containing information on 198 million potential voters from Donald Trump’s presidential campaign was left open, unsecured, and publicly accessible for an unknown length of time. The database was only secured after a security analyst discovered the issue and alerted Deep Root Analytics, the Republican data analysis firm that owned the database.
The database contained a variety of sensitive information across dozens of data points, including phone number, home address, registered political party, and more, all being used to profile possible voters in the presidential elections. This data was collected, analyzed, and used to build profiles of potential voters, their preferences, and their likelihood to agree or disagree on various political policies.
This breach is significant primarily because there was a lack of adequate security in place to protect such a massive database of personal information. Anyone who discovered the online location of this database could have viewed almost all of it, including the above personal details, and used them for any purpose, like identity theft. The breach underscores how important it is to have a plan in place for securing and safely handling sensitive data.
No information critical to an operation or business should be left unsecured and publicly accessible, especially when it involves personally identifying information whose exposure violates people’s privacy and security.
4. Anthem
- When: Late 2014 and early 2015
- Why/how: Hackers broke into Anthem’s servers and stole information.
- Type: Cyber attack
- Industry: Health insurance
- Number of records exposed: Nearly 80 million
Early in 2015, Anthem, Inc., one of the largest health insurance providers in the United States, discovered a data breach that compromised almost 80 million records. The compromised information included names, birthdays, Social Security numbers, home addresses, and medical data. The breach took place over a period of several weeks beginning in late 2014.
While there was no evidence that the data was used for malicious purposes, Anthem eventually settled a class-action lawsuit for over $100 million to provide protections for those affected. These protections included credit monitoring and identity protection services. The investigation concluded that Anthem handled the breach well and effectively shut down the hackers when the breach was discovered, but the fact remains that for at least a period of several weeks, personal information was being stolen.
The lesson in the Anthem breach is that even companies that handle security well can fall victim to hackers, so diligence is critical. Businesses these days must constantly be on the lookout for data breaches and react rapidly to shut them down if discovered. There are third-party services available that can do this for you if your business lacks the IT manpower, but the important thing is that monitoring takes place.
Looking forward, it is going to become increasingly crucial for businesses and their IT departments to ensure proper information security. The University of California Santa Cruz has put together a primer for system administrators and IT departments for detecting data breaches that can serve as a valuable resource if you need a starting point.
About the Author: Krystal Rogers-Nelson is a freelance writer and security expert who is committed to educating others about cyber security. Holding a BA in International Studies with an emphasis in globalization, she believes in making technology digestible and accessible to everyone. As a world traveler with 14 years of work experience, she specializes in writing about topics ranging from personal and financial security to travel and child safety. You can read some of her other published articles here: https://krystalrogersnelson.contently.com/.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.