We can all say that 2020 was everything but boring and plain. Besides being plagued with COVID-19-related issues, it was also a year of some highly publicized data breaches. Data breaches have become an immensely popular way of obtaining different types of user and customer data. To make matters worse, a lot of companies store data on unprotected servers, waiting for a nosey hacker to discover it and abuse it. Here are some impressive numbers that will blow your mind:
● In the first six months of 2019, there were more than 3,800 disclosed data breaches ● In the first six months of 2019, more than 4.2 billion records were exposed ● The average cost of a data breach is $3.92 million
Below, we will discuss some of the most significant data breaches that have happened so far, as well as share some tips on how to protect your organization.
1. Boots Pharmacy Data Breach
In March 2020, Boots, a well-known pharmacy chain in the UK, had to suspend all loyalty card payments due to a data breach attempt. Namely, malicious actors tried to perform a cyberattack so they would get access to user accounts. While Boots’ cybersecurity infrastructure wasn’t directly affected, their customers still were. Around 150 thousand customers have fallen victim to this exploit. Even though this wasn’t a direct data breach, it has had a negative impact on the business and customers’ privacy.
2. Virgin Media Data Breach
This is one of the biggest cybersecurity incidents the UK has ever faced. The number of affected individuals has reached nearly a million – 900 thousand, to be more precise. A security researcher at TurgenSec has spotted a Virgin Media database that wasn’t configured correctly. Consequently, the information was left unsecured, allowing anyone and everyone to access it. The exposed data included phone numbers, home numbers, and addresses. Virgin Media has gone through a lot of controversies because of this mishap. Currently, the company is facing a huge GDPR fine because of this incident – a staggering 4.5 billion pounds.
3. Tesco Clubcards Data Breach
This case is pretty much the same as the one we’ve discussed above. Just like with Boots, Tesco’s loyalty program suffered a cyberattack attempt. The attackers’ goal was to obtain access to user accounts by using a stolen credentials database. Fortunately, no financial information was exposed. However, at least 600,000 club members were at risk. Tesco detected the threat early on, which is why they managed to minimize its impact.
4. Suprema Data Breach
Now, this particular case is fascinating and almost dystopian-like. Suprema is a biometrics database that is used by 5700 different organizations in 83 countries. This database is also used by the police, banks, and other security-related businesses. Israeli researchers have discovered an incident where biometric and facial recognition information of around one million people were stored in an insecure database, enabling nearly anyone to access it.
Security Tips for Preventing a Data Breach Attempt
The critical thing when it comes to data breach response is the level of preparation. Having a reliable cybersecurity infrastructure is a must. However, you can take some other security and prevention measures to ensure that your company remains safe, even in these crazy times. Here’s what you should consider doing:
1. Use an Enterprise VPN
In today’s times, where the pandemic has forced many companies to enforce working from home, ensuring that the employee’s home network is safe is a must. Work laptops contain a lot of sensitive information, which is precisely why they should be protected at all times. Consider investing in an enterprise VPN solution. Enterprise VPNs were created with businesses in mind. They usually come with an impressive set of security features, so installing it on every work computer should be your priority.
2. Educate Your Employees
Since human error is among the most common reasons for data breaches, all companies should consider investing more money in employee education. A professional educator who will teach the employees about best practices when it comes to cybersecurity could be one of the solutions. Teach them about storing data, creating and saving passwords, and familiarizing them with security software they should use daily.
Although there’s not much you can do to stop a breach when it occurs, you can do a lot to prevent it. However, that is and should be a joint effort. Make sure to educate your employees and explain how important it is to follow the recommended security practices. Always use business-grade software. Bear in mind that diligence, responsiveness, and awareness are the three most important factors when it comes to maintaining a stable cybersecurity environment.