Currently, some of the scariest words for company owners are “hacking” and “data breach”. Everybody should be aware of what kind of a nightmare such an event means: a lot of money for fixing the failure, fines, potential sues and months of worries and hard work to get back to normal state.
What a data breach is?
To put it simply, it is the criminal infiltration in data sources that drains sensitive information. This might happen when hackers access computers or networks to get specific files or remotely, infringing network security.
Sometimes even your own employees could be involved in giving direct access to the network.
Once the cybercriminal is in, he/she can dig the way to the company’s privileged data and get it all. If this happens, this is a sign for breach and the company will have to pay for the consequences.
Let’s have a look back in the recent history of data breaches.
In February 2018, a cyber attack hit the world-famous company Under Armour trough their exercise mobile app “MyFitnessPal”. As a result, the usernames, e-mails, and passwords of 150 million users were stolen. Definitely, the company regretted the weak encryption (SHA1) they were using.
Then, in September 2018, the giant Marriott International found out that the company’s information was breached in 2014! During all this time, criminals had access to the confidential data of 500 million customers. Again names, e-mails, phone numbers, dates of birth and even passport numbers were in the hands of the shady guys.
In June 2018, the target was a big retailer, Dixons Carphone. The personal info, including card records of 5.9 million customers, was stolen.
July 2018 was a dark month for Sing Health, a medical/healthcare service provider. They were hit by a hacking attack in which the data of 1.5 million patients were copied.
As we know, this activity doesn’t stop and it increases every year. The above mentioned are just recent cases. However, many other businesses, such as universities, federal agencies, and companies like Yahoo, Target, eBay, Equifax, Uber, Deloitte, Morgan Chase & Co., have already experienced data breaches.
What does a hacker do with the stolen data?
Simple, sell it on the dark web. Of course! Nowadays, possessing banking, personal, tax, health info of millions of people means a very juicy business for many companies.
Afterwards, use the stolen data to access your accounts and get profit out of them. You can have online banking, PayPal account, crypto wallet or another money source that they can get.
But in some cases, hackers execute these cyber attacks do not only get profit, but also visibility. Yes, it is common that they do this just to make big companies vulnerable. There are even hacking contests where cybercriminals take part just to show their advanced tech skills off.
How to prevent data breaches?
- Let’s not minimize the relevance of security. Research and understand policies, procedures, and solutions to choose accurately the ones to protect your company.
- Set up firewalls or intelligent routers. Make sure your traffic is protected.
- Get constant vulnerability evaluations. The criminal activity never stops so it’s vital to prevent and detect fast.
- Keep everything up-to-date. This includes the operating system of every machine and every third-party application.
- Train your employees to identify suspicious activity and to avoid mistakes (phishing, entering questionable websites…) that can lead to infiltration.
- Make sure that you have a trustable encryption policy on every employee`s computer.
History shows that every company could face a data breach. Therefore, in order to understand how they work andto be involved as much as possible in the topic it is a `must` to be safe.