Remember the good old days when you didn’t hear about a data breach every few months?
If we can’t avoid the fact that retailers and financial institutions are going to be targets for cybercriminals, we might as well learn how to deal with the fallout. Keeping that in mind, let’s take a look at some recent data breaches.
February Data Breaches
French company Octoly stored the personal information of 12,000 Instagram, Twitter, and YouTube personalities in an Amazon Web Services cloud server that was unsecure. Despite warnings in January by cyber-risk research company UpGuard Octoly did not secure “the real names, addresses, phone numbers, email addresses…and birth dates for these creators” until February.
California newspaper The Sacramento Bee was the victim of a ransomware attack that exposed contact information for 53,000 subscribers and 19.4 million voter records. As with most ransomware attacks, this information was withheld until paper paid a Bitcoin ransom—cryptocurrency remains a favored payment method for cybercriminals due to its relative untraceability.
March Data Breaches
You may not be familiar with parent company Hudson’s Bay, but you’ve probably heard of Saks Fifth Avenue. This particular breach seems to have taken place over the course of a full year—starting in May 2017 and ending in March 2018—resulting in payment card information for 5 million customers being compromised in the hacking incident. According to Reuters, “the hacking group [JokerStash] has so far released about 125,000 payment cards, about 75 percent of which appear to have been taken from the Hudson’s Bay units.”
The City of Atlanta
Seeminglyignoring security warnings dating back to June and July of 2017, the computer systems for the City of Atlanta were brought down by a ransomware attack in March 2018. Even though the city couldn’t process online payments, type up official reports, or schedule new court dates, they still had access to essential public safety services like 911, police, and fire fighters.
According to The Washington Post, Under Armour’s MyFitnessPal application was breached in February 2018, compromising “usernames, email addresses, and hashed passwords” for 150 million users. Shortly after discovering the data breach at the end of March, the company notified users. For now, the company does not know who is responsible for the hack.
Ryan Norton, Contributor