Some of the largest data breaches in history were recorded in 2015 in the form of cyber-crimes. These occurrences saw major corporations enhance their fight against identity theft and hackers in 2016. However, 2016 came up with some breaches that no one could ever imagine. This article focuses on how data breach affected the tech world in 2016. The first section looks at the cost of breaching data in 2016. The second section focuses on some of the major incidences in 2016 that you need to be aware. This information will assist IT Compliance and Information Security Practitioners to put in place appropriate measures to curb cyber crime in 2017.
Study on the Cost of Data Breach in 2016
Breaching of data is a common occurrence within the IT industry. According to the research conducted by Ponemon Institute and sponsored by IBM, the total cost for data violation grew from $3.8 million in 2015 to $4 million in 2016. This report also finds out that the average cost incurred for each stolen or lost record that contains confidential or sensitive information rose from $154 to $158.
Researchers from Ponemon Institute interviewed several IT Compliance and Information Security Practitioners from 383 organizations in 12 different countries. These countries included South Africa, Canada, Saudi Arabia, India, Italy, Japan, Brazil, Japan, France, Australia, United Kingdom and the United States. It’s important to note that South Africa was interviewed for the first time to represent Africa. We will share with you here some of the ways in which data breach affected the tech world in 2016.
UC Berkeley
The month of February saw a massive hacking in the financial data of over 80,000 university of California school officials, employees, alumni and students. According to the school, the hackers did not steal any information. The school alerted the affected individuals to keep an eye on their personal information.
FACC
FACC is an Australian-based Aerospace parts manufacturer that fell victim to hackers in January 2016. Some of the clients for this corporation include Boeing and Airbus. The criminals ignored the data base and intellectual property of the corporation and stole close to $54.5. However, this incidence did not affect the normal operations of the company.
Snap Chat
Hackers used a phishing scam to trick one of the employees of Snap Chat to e-mail them confidential data and stole the personal information of over 700 former and current employees. The hackers requested and received personal information such as names, wage and payroll information and social security numbers in March 2016. You cannot tell how they intend to use this information, but employees should be keen while sharing any information.
University of Central Florida
The University of Central Florida data breach affected close to 63,000 former and current students, staff, and faculty in February 2016. The institution discovered this breach in January but opted to conduct an internal investigation and report to the law enforcement agency before making it public. The criminals compromised the Information system of the university and stole a wide range of information including employee and student ID numbers, first and last names and social security numbers.
US Department of Justice
In February 2016, the US Department of Justice suffered the attack of hackers who did not approve the close links they have with Israel. The hackers released confidential information on 20,000 FBI employees and 10,000 Department of Homeland security workers. It took them close to a week before realizing that their system had been compromised.
San Francisco Municipal Transportation Agency
The public railway system of San Francisco had some malware over the Thanksgiving weekend. It resulted in the freezing of computers and kiosks and customers could enjoy two days of free ride before everything went back to normal. The Fortune magazine managed to contact the hackers, who said that it was not really targeted since it was only a “spray and prays” kind of attack. They still stole 30 GB of data, including the personal information of riders and employees, as a threat to the agency: a ransom of 100 Bitcoins ($73,000) and fixing the vulnerabilities of their system, or all the information will be released. Everything went back to normal, but we do not know if the ransom was paid.
Cisco
Whether you are from the sales, marketing or finance department, your unit needs business intelligence tools to handle all the data you collect. One department -often left aside- that would actually need it all the more is the IT division -and that is what Cisco should learn from its hack. With proper business dashboards in place, any data breach or anomaly could have been detected immediately and action taken right away.
Instead, an incorrect security setting on the website exposed the private information of job seekers. The company advised all their users to reset their passwords and offered a 90-day fraud alert to interested users.
National Payment Corporation of India
The international banks in China and U.S notified the National Payment Corporation of India that hackers were using the debit cards of their customers illegally in October 2016. The source of this breach could have been a malware attack on one of the ATMs.
Yahoo
The month of September 2016 saw Yahoo announce one of the most expensive data breaches in history. The hackers stole personal information from at least 500million accounts. Yahoo has been working with FBI and other investigation agencies to track the whereabouts of the thief. Some of the information stolen was email addresses, passwords, ID numbers, telephone numbers, dates of birth and the security questions and their answers.
Drop box
In August 2016, Drop box realized that the usernames and passwords of over 68 million users had been compromised. The company decided to notify all users who had not reset their passwords for a long time to do so.
Summary
Data breach is a common phenomenon that affects the tech world, from companies to users, in several ways.2016 saw several corporations lose millions of dollars in the hands of hackers. We need to learn from such experiences to enhance the security system of our websites. This article only provides a few examples of those incidences that occurred in 2016. Hackers also work round the clock to discover new ways of getting sensitive information from Internet users. IT experts should be on top of the game to counter these efforts, since hacking also damages a company’s image and provokes a loss of confidence from the users.
