Hackers aren’t always after credit card information to make a quick buck. 2015 has shown that hackers can have more sinister goals. The biggest case of data loss involved the U.S. government. But the most newsworthy case was probably the hacking of the online dating site Ashley Madison. In this article, we’ll talk about three of the biggest security breaches for 2015 and how you can keep your information safe in the future.
Hackers Compromise Information for 21.5 Million People
In July 2015, the U.S. Office of Personnel Management (OPM) revealed one of the most serious security breaches yet. In a quest for information, hackers were able to obtain data on 21.5 million people. While the number of people affected is large, the sensitivity of the data is even more critical.
According to U.S. officials, China is the leading suspect for this massive hacking of a government agency. But regardless of who originated the hack, they are in now in possession of names, social security numbers, educational history, employment history, and the financial history of about every person who applied for security clearance. The information collected on these applicants is vast and also includes information about their immediate friends and family members.
The hackers were also able to get access to over 1.1 million fingerprints. Anyone who applied for security clearance after 2000 is likely to be impacted, but even prior year applicants could have their information compromised.
The real damage isn’t necessarily that hackers were able to get social security numbers; what’s worse is that they now know everything there is to know about 90% of all security clearance applicants. A foreign power could use the list of weaknesses to exploit or blackmail U.S. personnel. The only group that was excluded from this theft is CIA undercover agents.
Hackers Stole Details of 2.4 Million Carphone Customers
Carphone Warehouse, a company that sells phone and provides phone services, fell victim to hackers in August 2015. The U.K.-based organization reported the incident to Scotland Yard and the Information Commissioner’s Office (ICO).
According to Carphone, the hackers were able to access names, addresses, birthdates, and bank details of 2.4 million customers as well as 90,000 credit cards. The majority of affected customers, about 1.9 million, had purchased directly from Carphone Warehouse. About 480,000 customers were TalkTalk mobile customers.
Carphone Warehouse is notifying customers about the breach. Of course, this is an opportune moment for hackers to send phishing emails to customers. ICO warns people to refrain from giving out information to anyone via email to prevent identity theft. Potentially affected customers are also asked to watch their credit card statements and credit ratings.
32 Million Ashley Madison Users Exposed
In August 2015, Ashely Madison, the premier dating site for married individuals seeking an affair, became the latest victim of hackers. The hackers obviously disagreed with the idea of anyone cheating on their spouse. They hacked and stole data from Ashley Madison and Established Men, both run by Avid Life Media (ALM).
Along with a message to ALM and its customers, the hackers dumped 9.7 GB of data on the web that included information on about 32 million users. They did this after blackmailing ALM to shut down both websites in return for the stolen information. ALM did not respond according to their wishes.
The company spokesperson condemned the release of data. The hackers’ action was criminal. Whatever the hackers’ moral beliefs may be, there is no justification for them to judge others when they’re engaging in perfectly legal activities online.
Whatever your opinion on extramarital affairs, the affected customers are the ones who have to bear the shame of it all. The information that was released didn’t just include customers’ names, email addresses, addresses, and account information, but also descriptions that members posted about themselves. The description often included the members’ sexual preferences.
ALM used bcrypt to secure the passwords, which is one of the better options as far as cybersecurity goes. However, the company may have failed to delete user accounts as it promised to do for a fee of $19. The company has Canadian lawsuits pending over this same issue. But things get worse.
On August 22, hackers revealed private emails for ALM CEO Biderman proving that he cheated on his wife with at least 3 separate women. CEO Biderman resigned as of August 28, 2015.
And while Ashley Madison claims that users are still taking advantage of its services, research proves them wrong. Not only does the site have much fewer active female users than the company claims, but many of them seem to be fictitious. The profiles of 68,000 female users came from the same IP address, and hundreds of women are sharing a unique last name with a former Ashley Madison employee.
How to Keep Information Safe
Hackers have shown again and again how easy it is for them to access sensitive information. But even though the fallout from Ashley Madison was bad, the hackers were unable to crack the passwords that used proper bcrypt encryption techniques.
In order to keep your documents safe from unauthorized access, you have to make sure that your document management system is up to date. eFileCabinet takes cybersecurity seriously and encrypts all of your information, not just your passwords. We think that if the documents are important enough for you to store them, then they’re important enough to be properly encrypted.