Considering the fact that we are in the middle of a big data boom, and knowing that both our business and personal lives have become data centric, one would only assume that data security is of the upmost importance to any and all organizations across the planet. But shockingly, data breaches are common, even in industries that deal with the most sensitive of information. The Open Security Foundation revealed that 242.6 million records were potentially compromised in 2012. In 2013, data breaches revealed extremely sensitive information gained from varying industries, including retail, healthcare, banking, and probably most unnerving, the government. The Identity Theft Resource Center reports that there were more than 600 breaches reported in 2013, spanning a variety of industries. We have picked what we consider to be the top 5 data breaches in 2013. Once you get over the shock of these embarrassing security attacks, we will also give you advice on how to make sure a data breach such as the ones we share doesn’t happen to your organization in 2014.
Facebook (Social Media/Technology)
On June 21st of 2013, Facebook reported a data leak that leaked email and phone numbers due to a software bug in the “Download Your Information” feature. The breach exposed more than 6 million users over the course of a year.
In a massive data breach that was discovered in mid December of 2013, the payment information of over 40 million Target customers was stolen. However, it has been discovered in an ongoing investigation that the cyber criminals responsible for the attack took more than credit and debit card information. They also were able to access and steal personal information (addresses, email addresses, etc.) going back more than a decade.
Virgina Tech (Education)
In September, a data breach at the university exposed the personal information of around 145,000 job applicants going back around 10 years. In the case of more than 16,000 of the records, driver’s license numbers were also compromised. In a press release, the University blames human error for the breach, claiming that a new server was put into service without the right protection protocols being implemented first.
Washington’s Administrative Office of the Courts (Government)
In May, the Administrative Office of the Courts servers were hacked and copies of up to 160,000 Social Security numbers and 1 million driver’s licenses were taken. Unforunately it appears that this was feasible due to the fact that personal information collected by the Administrative Office was unencrypted, giving hackers easy access.
Adventist Health System (Healthcare)
In Florida, more than 750,000 patient records were compromised due to one employee (a former emergency room employee) who was selling patient information to third parties. The hospital was hit with a class action lawsuit this year.
How Do You Protect Your Data?
- Create and implement a strong data strategy that focuses on security and data management BEFORE analysis and BI. To learn more about data strategies, read our blog post HERE.
- Invest in a data security solution. Companies like LogRhythm provide security applications like fraud detection and and forensic investigation to detect and respond to data breaches.
- Invest in a data audit trail to help you restore lost information, monitor and manager users, and reduce human error.
Image courtesy of www.nerdwallet.com
Image courtesy of www.poweryourpractice.com
For more information on data breaches in 2013: