Hackers are fast mastering the art of infiltrating company networks. This is despite constant advancements in data-breach detection technology. Research indicates that the average data breach takes up to 200 days to detect, and it costs up to $4 million dollars in damages. A study by The Pomenon institute suggests that up to 93% of all successful data breaches happen in less than a minute. Also, up to 80 % of hacked businesses don’t realize the breach until it’s too late.
Majority of businesses today have put in place tough security measures to ensure their data is encrypted and safe. Nonetheless, not all security measures work adequately. Luckily, there are above par data security companies such as ottomatik.io offering mysql backup to ensure that your website files are secure.
Breaches in business data can be detrimental to your company’s reputation. Cyber-crime can effectively undo years of honest hard work. How?
- They lead to a reduction in a company’s edge in the market.
- Reduced competitiveness.
- Loss in customer trust and confidence in your business.
- Loss of intellectual property, hidden cost, online vandalism.
- Loss of revenue.
Below are examples of some of the most popular business data breaches of all times.
1. The Ransomware 2017
This one happened just after the WannaCry, where the Petya ransomware spread over many businesses globally. Hackers demanded a Bitcoin payment for the businesses to access their attacked computers.
Once this worm gets hold of the administrator, it tends to spread through the internal systems, but it does not seed itself externally like WannaCry.
2. Hack on Adobe in 2013
Adobe Company was going on fine until its IT infrastructure got hacked in 2013. The security breach saw personal information of some 2.9 million accounts stolen. That meant the hackers got access to people’s login details, their names, bank and credit card information. Later, a file on the internet was found, which brought the number of users affected to a whopping 150 million. The hacker was able to gain this information by taking advantage of a security breakdown in the publisher, related to password security practices. In this attack, both the customer information as well as product data was targeted.
3. Sony Panic
It was all panic and pandemonium in 2011 April when the Sony PlayStation Network got attacked. This Japanese brand form multiplayer gaming service, live content distribution and gaming purchasing contained personal data of up to 77 million users.
All this was leaked. The information compromised the banking details of millions of players. When this intrusion was discovered, Sony Online Entertainment, PSN, and Qriocity were shut down for a month. The company had to part with $15 million in compensation to their customers, just to appease them.
They also had to pay a few more million dollars in legal fees. The company also had to refund those people whose bank accounts had been used illegally. The hackers took advantage of a well-known network vulnerability that the company had for long ignored. A very simple SQL injection that unencrypted and hijacked the data saved the day.
4. Cellebrite Attack
This one also happened in 2017, when Cellebrite, a company that manufactured devices for pulling mobile data from their phones and used by the military and governments, ended up shooting itself in the foot. In 2017 the company’s external server got hacked and saw up to 900GB of customer data seized. Technical product data was equally not spared.
5. Cathay Pacific Airways
In March 2018, Cathay Pacific Airways was hacked and passenger data information was accessed without authorization. In this attack, up to 860,000 passenger passport numbers were identified. Up to 245,000 Hong Kong identity card numbers were also accessed and 403 expired card numbers were retrieved. Further, 27 credit card numbers without the CVV (Card Verification Value) were also accessed without authorization. The hack caused the company $9.4 million in damages.
Today, SMBs run as big a risk of getting attacked by hackers as large corporations. In fact, they are considered more vulnerable and are now being targeted by cyber-criminals. Cyber-security requires active investment, and it is crucial for every online enterprise to have a clear strategy to prevent it.