The 10 Worst Data Breaches of 2013

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
Next The 10 Worst Data Breaches of 2013-6 Next

U.S. Government Breaches

The Department of Energy (DoE) breach in July leaked over 104,000 employees’ and contractors’ personal information, with huge implications in the cybersecurity world. Technically, this was the second major successful hack against the DoE this year, said Mark Vankempen, security research engineer, LogRhythm Labs:

The first one that occurred back in February left 14 servers and 20 workstations compromised. This earlier breach also led to the exposure of PII of hundreds of employees, not to mention leaving behind backdoors for future exploits. These types of breaches clearly affect the way people perceive the security of their personal information as well as federal agencies. A solid security posture that utilizes advanced security analytic techniques across the universe of data sources in your environment, combined with contextual emerging threat data, could have been the golden ticket to limiting the scope of the breach or even preventing it entirely.

The attack was made possible by leveraging a flaw in an Adobe product, most likely executed by an unsuspecting employee, added Paul Lipman, CEO of Total Defense. This highlights the need to offer employees protection while they are beyond the corporate firewall, with persistent endpoint protection.

According to the Identity Theft Resource Center, as of December 3, 558 breaches have been reported in 2013, and we still have nearly a full month left for more potential breaches. These breaches hit across industries; no one is immune. In late November, BitSight Technologies released a report that investigated how well specific industries were doing in their security efforts. According to the survey, the financial industry has performed the best when it comes to security effectiveness.

At the bottom of the list was the technology industry.

Not surprisingly, a number of the worst security breaches of 2013 happened within the tech industry. In fact, when asked to list the top security breaches of the past year, security experts overwhelmingly named the Adobe breach, followed closely by the more recent Pony botnet attack that focused on companies like Google and Facebook.

One of the more surprising breaches named by experts was former NSA contractor Edward Snowden’s leaks about the extent of the U.S. intelligence community’s Internet surveillance. The data breach was significant for many reasons, starting with what was revealed: pervasive signals intelligence, subversion of encryption standards, collaboration with overseas intelligence communities and many other bombshells.

Other breaches were more predictable, involving stolen devices or phishing scams. Many of the breaches are blamed on foreign hackers and cyber criminals. But the end result is that all of these breaches caused significant damage to businesses and customers. As Costin Raiu, director, Global Research and Analysis Team, Kaspersky Lab, stated:

We predicted 2012 to be revealing and 2013 to be eye opening. That forecast proved correct – 2013 showed that everybody is in the same boat. In truth, any organization or person can become a victim. Not all attacks involve high profile targets, or those involved in ‘critical infrastructure’ projects.  Those who hold data could be of value to cybercriminals, or they can be used as a ‘stepping-stones’ to reach other targets.

Here is a list of the worst data breaches of 2013.

 

Related Topics : Litigation, Consultants, Digital Rights Management, Environmental Regulations, External and Internal Audits

 
More Slideshows

DataM62-190x128 10 Steps for a Proper Data Governance Plan

Establishing a digital governance plan can be a challenge, but with the right education and tools, the job can be made a lot simpler. ...  More >>

Compliance4-190x128 GRC Programs: Building the Business Case for Value

Experience shows that organizations that manage GRC as an integrated program — involving people, processes and technologies — are more successful in delivering value to their organizations ...  More >>

Disaster10-190x128.jpg New Catalysts Driving Disaster Recovery Initiatives

Due to a variety of natural and manmade disasters – including cyber attacks – organizations are placing greater emphasis on DR initiatives. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.