National Cybersecurity Awareness Month certainly started with a bang, and not in a good way. My inbox was blowing up on Friday afternoon with alerts about the Experian breach involving T-Mobile wireless customers, and before I could catch up on that news, the emails shifted direction to the Scottrade breach. Today, as I was searching for more information about the breaches, I saw an announcement that the American Bankers Association’s website was hacked.
Even in this breach heavy (and weary) world, that’s a lot of bad news all at once. In fact, this comment that Ryan Wilk, director, customer success, NuData Security, sent to me seemed to sum up the news of the past few days quite well:
Data breaches don’t occur in a vacuum. The repercussions are widespread and often have a ripple effect.
I noticed that Experian is beginning to see a ripple effect already; it has suffered a serious financial blow. According to CNBC:
The world’s largest credit checking company Experian suffered its biggest one-day fall in more than a year after hackers stole the personal details of up to 15m T-Mobile US customers.
We talk all the time about how a data breach can hurt the SMB financially, to the point where the business can’t recover. As we’re seeing, it happens to the big boys, too. Yet, cybersecurity still remains an afterthought. As Good Technology VP Phil Barnett told me in an email statement:
Many companies are still flying blind when it comes to security, because many companies still don’t think it affects them. Data is a company’s biggest asset, but many organizations haven’t yet got to grips with how to protect it in the new world order of mobile devices and cloud-based access. The security challenge won’t go away and companies need to change their mindset in order to solve it.
There is also a mindset out there that the worst breaches involve the customers’ credit card or financial information. Of course, that’s not necessarily true, and these breaches should remind us exactly what is at risk for both the consumers who are trusting their information to a company, to the employees, and to the company itself. As Tim Erlin, director of IT security and risk strategy with Tripwire, told me in an email:
It’s tempting to consider this breach a lesser risk because no credit card data was compromised, but the loss of this type of personal information can lead to identity theft. It can be both difficult and costly for consumers to recover when their identity is stolen.
Let’s hope this is as bad as it gets during National Cybersecurity Awareness Month, but I’m not placing any bets.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom’s Guide. You can reach Sue via Twitter: @sueporemba