It’s already been clearly established how difficult it is to keep all of the information floating around in the cyber world safe. In this world everything moves in nanoseconds and is consequently really hard to keep up with.
This is something most regular people don’t think about too frequently. That however is beginning to change as more and more news headlines focus on data security breaches that are no longer just in the corporate domain, but that are now having repercussions in the general population.
Unreported Breaches Coming To Light
Ransom attacks have been perpetrated on companies large and small as well as individuals. Recently, Uber revealed they had covered up a ransom attack back in 2016. According a Forbes article, “In 2016, two hackers gained Uber AWS credentials through GITHub. The hackers then went to AWS and downloaded 57 million user accounts, including driver’s license numbers for 600,000 Uber drivers.”
This event went unpublicized so all of those drivers were unaware that their information had been compromised. Here’s how it escaped notice: Uber simply covered it up. Here’s how Forbes explains it. “After downloading this goldmine of data, the hackers contacted Uber to discuss ransom terms. The final settlement? Uber would pay the hackers $100,000, under two conditions: first, they had to destroy the stolen data (and “double promise” they did this).” (https://www.forbes.com/sites/moorinsights/2017/12/08/ubergate-post-mortem-will-we-ever-learn/#2df2c89b62b1)
If you believe this, I’ve got a bridge I’d like to sell you!
The second condition of the payoff was that the criminals “couldn’t tell anybody.” Forbes writes, “Cyber hands were shaken, payment was made, and everybody went on their merry way.”
So, how many unreported breaches are there? How often is information being compromised that no one, not even the authorities know about? We don’t know.
Lost And Stolen Devices
Add to that these statistics”
*one laptop is stolen every 53 seconds,
*over 70 million cell phones are lost each year.
- Public Wi-Fi is a risk as information can easily be accessed on these open networks without a user’s knowledge or permission.
The idtheftcenter.org also states that, “Nearly 41% of all data breach events from 2005 through 2015 were caused by lost devices such as laptops, tablets and smartphones.” When these devices are company issued they very often have proprietary information. Most companies do not have policies in place fr when devices are lost or stolen.
It’s wild in the cyber world. It’s dangerous. And while there is no bloodshed or physical brutality going on like we are accustomed to seeing in battles between good and evil, there is untold damage. The effects can wipe out companies or individuals in the blink of an eye.
The General Data Protection Regulation (GDPR)
Clearly, if the European Union’s General Data Protection Regulation (GDPR) had been in effect when the Uber cover up came to light, they would be paying very heavy fines for their lack of security. Let this serve as yet another reminder that in just a few months the GDPR will be law. If you have not yet brought your business into compliance, there is no time like the present moment. If you are a business owner call our offices to set up a free consultation to find out how to bring your company into compliance with the GDPR.