Enterprises Worry About Data Threats But Focus Too Much On Compliance -MSPmentor
–Insights from the desk of Jennifer Louis, Director of Business Operations, Freedom Security Alliance
For those who weren’t aware of cybercrime before, 2016 definitely put breaches, hacks and ransomware on the map. Here’s a summary of some of the most unusual twists and turns in some of the wildest hacks over the past year:
San Francisco Transportation Agency Hack. A hacker or group of hackers calling themselves, “Andy Saolis” in November hacked into the Transportation Agency’s system utilizing ransomware and attempted to ransom $73,000 in Bitcoin payment in exchange for releasing control of their computer system. Muni, which runs the city’s bus, trolley car and light rail systems did not pay the ransom, but it did take three days to regain complete control and get their system back up and running resulting in a loss of fares over the three-day period. Muni claims that no customer data was stolen, however the hack demonstrated a major vulnerability in the public transportation industry.
DNC Hacking and Russia’s Involvement. Certainly the most talked about hack of 2016. According to a recent article in The WashingtonPost, The Cyber Security Organization, CrowdStrike, hired by the DNC (Democratic National Committee) to investigate the intrusions into the DNC’s private emails and data has from the start suspected that one of the two hacker groups that struck the DNC was the GRU, Russia’s military intelligence agency. In the article they have stated that their investigation has given them “high confidence” that one of the hacker groups was the GRU.
Madison Square Garden in NY. Hackers were able to access MSG’s payment processing system for nearly a year (October 2015-November 2016) before MSG discovered the breach. According to the ITRC Breach Report 2016, the data contained in the payment cards swiped to purchase merchandise, food and beverage items at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, Beacon Theater, and Chicago Theater between may have been affected, including credit card numbers, cardholder names, expiration dates and internal verification codes. According to MSG as of November 2016 their point-of-sale systems are now secure, but they advise their customers who visited venues during that period to check their credit card statements for unauthorized purchases.
Those are just a few of the major headlines of 2016. Being one of the most hacked years in recent history, check out a summary of some of the other breaches you may have missed in various industries according to the ITRC Breach Report 2016:
The medical/health care sector leads them all in the number of records compromised in 2016. The sector has posted 36.2% (355) of all data breaches to date. The number of records exposed in these breaches tops 15.4 million, or about 43.8% of the total so far this year.
The government/military sector has suffered 66 data breaches this year, representing about 37.1% of the total number of records exposed and 6.7% of the incidents. Over 13 million records have been compromised in the government/military sector to date.
The business sector accounts for more than 5.6 million exposed records in 432 incidents. That represents 44.1% of the incidents, and 16% of the exposed records.
The number of banking/credit/financial breaches totals 43 for the year to date and involves about 72,000 records, some 4.4% of the total number of breaches and about 0.2% of the records exposed.
The educational sector has seen 84 data breaches in 2016. The sector accounts for 8.6% of all breaches for the year and more than 1 million exposed records, about 2.9% of the total so far this year.