Hackers aren’t always responsible for data loss, but security breaches still remain common in 2010. In this article, we’ll explore four of the biggest breaches of that year. Three of them involved cyberattacks by hackers, while the last one on the list can be considered more of an accident than anything else.
Ankle & Foot Center Security Breach Affects 156,000 Patients
In November, hackers were able to access the computer database for Ankle & Foot Center in Tampa Bay, Florida. The hackers were able to penetrate the network and retrieve personal information for over 156,000 patients.
The breach affected names, social security numbers, birth dates, home addresses, account numbers, healthcare services, and diagnostic codes. In response to the breach, the Ankle & Foot Center notified the patients whose privacy had been threatened.
However, as one website pointed out, companies are giving a lot of leniency in how to report a breach. Instead of warning consumers that they are at risk for identity theft, this company pointed out that there may have been a breach affecting their data. The only thing that customers can do is watch their accounts for fraudulent activity, but the Ankle & Foot Center should have made that clearer in their notice to affected patients.
Betfair Security Breach Exposes 2.9 Million Customer Accounts
Betfair, a U.K. gambling site, took a long time to announce one of the biggest security breaches of 2010. In fact, the company didn’t divulge that 2.9 million customer accounts were hacked into until 18 months after the breach. To be fair, the company wasn’t required to make the report by law, but it doesn’t seem right to keep quiet about it, either.
Incidentally, Betfair’s director of security made the announcement that he was leaving the company at the same time. He left to work with a U.S.-based startup company.
The security breach exposed 3.15 million account usernames between March 2010 and April 2010. At the same time, 2.9 million usernames were stolen with one or more addresses in addition to almost 90,000 usernames with bank account details.
According to Betfair, the company didn’t notify its customers because there was never any risk. However, that’s hard to believe if bank data has really been breached as well. Since then, the company moved its operations to Gibraltar for better taxation laws.
Attack on VeriSign Makes Data Theft a Possibility
In 2011, VeriSign admitted that several hacks in 2010 may have compromised critical information. VeriSign helps manage the Internet domain name system (DNS), but the company also provides authentication services, website security services, conducts cybercrime research, and signs code to authenticate updates from software vendors such as Microsoft, Adobe, and Java.
The company’s security team supposedly didn’t report the breach to management until September 2011. The company then disclosed the breach to the Securities and Exchange Commission in their quarterly report at the end of October.
The fact that VeriSign was attacked and successfully hacked doesn’t surprise anyone, considering the company is a huge target. But if hackers were able to knock down the DNS, it would result in taking down large parts of the Internet. Hackers could also redirect people to fake sites and infect their PCs with malware or steal information.
Fortunately, neither of these scenarios came true this time. It seems possible that the hackers were merely after information in the form of documents and such.
Yale Unknowingly Exposed Information on about 43,000 People
In 2011, Yale University had to notify 43,000 faculty, staff, students, and alumni that their personal information had been viewable on the Internet for over 10 months. The server information included names and social security numbers for anyone who was affiliated with the university in 1999.
Why was this information publicly available? Apparently, Yale had been storing the information on an FTP server that wasn’t indexed or searchable by Google in the beginning. That is, it remained obscure and protected until Google modified its search engine.
Yale University was unaware of the change or just didn’t connect it with the information stored on its servers. As soon as the breach was discovered, Yale promptly blocked the server from the Internet, deleted the data on the server, and confirmed with Google that the search engine no longer stored any information from it.
The victims of this security breach are offered identity theft insurance and free credit monitoring for two years.
How eFileCabinet Protects your Information and Prioritizes Cyber-security
Security breaches are common and can be very serious. We understand that any company may become the target of hackers. That’s why we make sure that your information is properly encrypted with us. When information is encrypted, it’s more difficult for hackers to use that information since it takes too much computing power to decipher the code.
The good news is that it’s still more difficult to access information from an encrypted site than to steal files from a locked safe or filing cabinet. With eFileCabinet, your documents are not only secure, but they’re also easily accessible to authorized individuals. To learn more about how eFileCabinet works, fill in the information on this page and start your free 15-minute demo.