As we did in 2016, we’re rounding up the biggest data breaches of 2017. What have we learned as a result, and what can companies do better next year?
Equifax: The loss of 145 million records may not be the highest in history, but the value of the information very well might be. Thanks to an unpatched flaw in an Apache Struts server, names, dates, social security numbers, and more were compromised. Most of the records were American, but about a million people were affected in the UK and Canada as well. To make matters even worse, the credit bureau’s response to the crisis was less than stellar: its incident response website drew widespread criticism, officials questioned how much company executives knew before the breach was disclosed, and Congress opened an investigation.
Uber: Another breach for the books that falls under “poorly handled.” The loss of 57 million records actually happened in October 2016, but Uber didn’t disclose until November of this year, and it was also discovered the rideshare company had paid the hackers who compromised them $100,000 to stay quiet and delete the data. The result? CSO Joe Sullivan and a deputy were shown the door.
NSA: In April of this year, the NSA lost control of several key hacking tools when a group known as the Shadow Brokers published stolen code. That led directly to the WannaCry ransomware attack, thought to be the biggest of its kind, which brought down Britain’s health system and paralyzed companies like Merck, FedEx and others.
Verizon: In July, the phone giant had about 14 million subscribers’ records exposed, thanks to an unprotected Amazon S3 storage server. Anyone who called Verizon customer service during that time could have been affected.
Yahoo (again): After the company was bought by Verizon, it was revealed that Yahoo’s massive leak of 1 billion (with a B) records in 2013 was actually 3 billion, or literally every single account.
Amazon S3 storage buckets: While Amazon itself wasn’t affected, the breaches at Verizon, the U.S. Army and the Australian Broadcasting Company were a direct result of Amazon S3 storage buckets that were misconfigured as public instead of private. A simple common-sense approach to configuring buckets could have kept millions of records from being exposed.
What conclusions can we draw from these breaches? For starters, how a company handles the fallout from a data breach is just as important as its data protection policies. Make sure your incident response plan is timely and properly addresses customer concerns that are bound to rise after a breach.
If you’re in the public cloud, it’s also important to make sure that your systems are properly configured to avoid accidental data exposure. Double check your environment when adding or deleting components.
Let us help keep your data safe in one of our Midwest data centers! We offer strong physical, technical and administrative security to maintain the integrity of your data in all manner of incidents, including data breaches. Our experts can also help you develop a robust disaster recovery plan that addresses policies and procedures before, during and after a cybersecurity incident. Contact us to speak to a disaster recovery expert, or download our free disaster recovery white paper to learn more.