The computer age has brought with it many new challenges and trials. With cutting edge new technologies it is inevitable that we would get it wrong sometimes, and it is important to learn from those mistakes. While it’s true some of these errors could have been prevented with a little foresight, others were the result of creativity or ingenuity on the part of hackers. To help you avoid falling prey to these breaches we have listed some high profile security breaches of the 21st century and list out what went wrong.
Let’s get the one you’re all probably thinking of out of the way first. The Facebook Cambridge Analytica breach. Tens of millions of accounts had their personal information scraped which was then used to analyse user behavior patterns in order to figure out how to manipulate people into voting one way or the other. Whether or not this breach of security had a meaningful impact on the 2016 elections is a matter for debate.
What is not in contention is how this breach was achieved. Cambridge Analytica released an app that encouraged users to disclose personal information and also had access to a person’s social media history and actions. This fed an algorithm used to predict how somebody might respond to a political ad. The app took things a step further and used data from friends as well where it could see it.
This breach could potentially change how we view our democracy and how political advertising is done online, but for now the takeaway is to be careful what apps you use. There is a saying that has gained popularity that applies here: “If it’s free, you’re the product.”
Equifax Breach
We can’t talk about high-profile security breaches without reminding people of this one as well. The equifax breach led to tens of millions of user accounts including social security number and other personal information being leaked out into the wild. This breach was made all the more alarming by the fact that Equifax is one of the big three credit reporting bureaus, making them a company nearly everybody in the US has to do business with at some point.
The breach was the result of a security vulnerability in software used to manage the website. This software – Apache Struts – contained an exploit that hackers could use to gain access to vital systems. The makers of that software quickly released a patch, and Equifax failed to update their systems. As a result of this failure, hackers were able to exploit this vulnerability.
The lesson from this breach is simple – keep your software up to date. Security firms spend countless hours hunting down vulnerabilities and alert software makers of vulnerabilities. Simply keep your system up to date and you will be as secure as possible.
Yahoo 2013-2014
This is older news compared to our first two, but goes down in history as being one of the biggest data breaches in internet history. With an estimated 3 BILLION user accounts (to compare – about 7 billion humans live on Earth right now) impacted. The breach resulted in the loss of data such as passwords and usernames and was blamed on a state-sponsored actor.
The consequences were a disaster that resulted in Yahoo selling for far less than it was originally asking for (at the time it was in negotiations to be bought out by Verizon). The breach started with only 26 accounts, but failure to investigate the incident further lead to a wider, systematic attack against the entire company. The lesson here: if you are breached, investigate thoroughly no matter how small.
Remember: Always Protect Yourself
Keeping your business secure against intrusion, whether against identity thieves through software like Cognito, or using Malwarebytes against digital intrusion, or other software for other forms of security is essential. These breaches all cost the above businesses millions to billions of dollars, leading to financial disaster and that’s before getting into the losses suffered by consumers. You owe it to yourself and your customers to make sure that your servers are always secure.
