The 10 Worst Data Breaches of 2013

Share  
1  |  2  |  3  |  4  |  5  |  6  |  7  |  8  |  9  |  10  |  11  |  12
Next Next

Hijacking Media Outlets

The Syrian Electronic Army (SEA) captured the “hacktivist” crown this year, with a series of defacements and hacks of major news organizations and Twitter handles, according to Scott Simkin, senior product marketing manager, Palo Alto Networks. The SEA made national headlines with its claim of an attack on President Obama from the Associated Press’ Twitter handle, causing a brief $136 billion dollar dive in the stock market. The SEA then went on to deface the New York Times, Washington Post, National Public Radio, Al-Jazeera and other major news outlets. How does this constitute a data breach? Simkin explained:

Data breaches are always about information, whether it is PII, accounts and passwords, or intellectual property. The SEA flipped this strategy on its head; marking the first time information distribution itself became the target. Social media and the news are primarily about connecting the right people with the information they want to find. When those stories come from a trusted source such as the AP’s Twitter handle or the New York Times, it is often inherently trusted itself. As we saw with the fake President Obama message, information is inherently valuable in its own right. The SEA learned that controlling the flow of information and message from a trusted source can have an outsized impact.

According to the Identity Theft Resource Center, as of December 3, 558 breaches have been reported in 2013, and we still have nearly a full month left for more potential breaches. These breaches hit across industries; no one is immune. In late November, BitSight Technologies released a report that investigated how well specific industries were doing in their security efforts. According to the survey, the financial industry has performed the best when it comes to security effectiveness.

At the bottom of the list was the technology industry.

Not surprisingly, a number of the worst security breaches of 2013 happened within the tech industry. In fact, when asked to list the top security breaches of the past year, security experts overwhelmingly named the Adobe breach, followed closely by the more recent Pony botnet attack that focused on companies like Google and Facebook.

One of the more surprising breaches named by experts was former NSA contractor Edward Snowden’s leaks about the extent of the U.S. intelligence community’s Internet surveillance. The data breach was significant for many reasons, starting with what was revealed: pervasive signals intelligence, subversion of encryption standards, collaboration with overseas intelligence communities and many other bombshells.

Other breaches were more predictable, involving stolen devices or phishing scams. Many of the breaches are blamed on foreign hackers and cyber criminals. But the end result is that all of these breaches caused significant damage to businesses and customers. As Costin Raiu, director, Global Research and Analysis Team, Kaspersky Lab, stated:

We predicted 2012 to be revealing and 2013 to be eye opening. That forecast proved correct – 2013 showed that everybody is in the same boat. In truth, any organization or person can become a victim. Not all attacks involve high profile targets, or those involved in ‘critical infrastructure’ projects.  Those who hold data could be of value to cybercriminals, or they can be used as a ‘stepping-stones’ to reach other targets.

Here is a list of the worst data breaches of 2013.

 

Related Topics : Litigation, Consultants, Digital Rights Management, Environmental Regulations, External and Internal Audits

 
More Slideshows

DataM27-290x195 Governance Trends and Best Practices from ARMA Live! 2014

One of the major trends coming out of ARMA 2014 was the notion of transitioning from records management to information governance. ...  More >>

eCommerce7-290x195 Five Tips to Prepare Your Business for PCI DSS 3.0

The updated standards provide baseline security measures to align organizations more closely with industry best practices, and drive them to build the practices into their daily operations. ...  More >>

Risk4-290x195 How Business Continuity, Information Security and Risk Management Collaboration Bolster Business Performance

Business continuity and security programs are increasingly being viewed as an integral part of enterprise risk management, rather than a siloed function. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Thanks for your registration, follow us on our social networks to keep up-to-date