By Erin Swan
This has been a big year in terms of breaches in data security—and that’s not a good thing. Many big-name industries have had their data compromised this year, and millions of Americans have been affected by it. Check out the slideshow below to see some of the biggest breaches of 2015 so far. If you’re considered about protecting your company’s electronic data properly, make sure to contact eFileCabinet to learn more about the security measures we can offer you.
In May of this year, CareFirst discovered that hackers had gained access to their online member database. This security breach affected a total of 1.1 million people, who had their names, birthdays, emails, and subscriber info compromised. Thankfully, the hackers were unable to access members’ Social Security numbers, medical info, employment records, and financial data, due to effective password encryption. Still, this breach highlights how vulnerable the healthcare industry can still be.
Cyber Bank Robbers
In February, a cybercriminal ring was discovered that has been hacking into banks around the world. As many as 100 banks are believed to have been affected, and the ring of cyber bank robbers—known as Carbanak—padded their pockets with more than $1 billion in stolen funds. The group managed to infiltrate bank networks using tactics like phishing, and gained access to important data, such as employee account credentials and privileges. The attacks began in 2013 and ramped up through 2014 and 2015.
Breaches in Higher Education
All in all, there have been eight data security breaches in the field of higher education this year. In May, Penn State University suffered two security breaches, compromising the data of over 18,000 people. Harvard University was also the victim of hackers in July of this year. It is still unclear what information the hackers were able to access. Representatives of the schools cite tight budgets as an issue in providing proper electronic security for their data. However, these breaches highlight the need for greater investment in the matter.
Hacking the Hackers
In an ironic twist, on July 5 of this year, an Italian surveillance company known as the Hacking Team was hacked, leading to a number of other security threats as a result of the breach. The Hacking Team creates spy tools for agencies of various governments, including tools that can circumvent anti-virus tools. The cybercriminals published over a million emails that revealed the company’s associations with oppressive governments and multiple vulnerabilities in their Flash software. Many government agencies around the globe found themselves in hot water as a result of this breach.
Password management company LastPass revealed in June of this year that they had suffered an attack from cybercriminals. Users’ email addresses, password reminders, and other secure data were compromised by the attack. However, LastPass stated that they believed their encryption measures would prevent most user data from being usable. This attack showed an increasing trend of hackers targeting security companies directly.
In July of this year, the Army National Guard suffered a data breach due to the insecure transfer of data to a non-accredited data center. According to the Army National Guard, the information was sent by a contracted employee, and may have affected as many as 850,000 current and former members of the National Guard; compromised data included Social Security numbers, addresses, and other personal information. This breach highlights the necessity of having firm security practices in place in every place of business, including government agencies.
Another Healthcare Hazard
2015 has not been a great year for the healthcare industry thus far—at least, not as far as security goes. In yet another health industry hack, health insurer Anthem reported in February that a shocking 80 million patient and employee records were accessed by cybercriminals. The attack occurred over several weeks, and may have revealed names, Social Security numbers, birth dates, healthcare ID numbers, email addresses, home addresses, employment data, income information, and more. According to The Wall Street Journal, the data accessed by hackers was not encrypted, which could have played a big role in making this information vulnerable to attack. Remember, data should always be encrypted, both in transit and at rest.
The Biggest Cyberattack in History
In April and June of this year, the Office of Personnel Management suffered from two separate security breaches. The first attack exposed the personnel data of 4.2 million people, while the second, larger data breach affected approximately 21.5 million federal workers. While it has yet to be announced who is responsible for these attacks, some reports have indicated that the hackers were based in China. The details and effects of the attacks are still being revealed. However, with the snowballing consequences continuing to pile up, many people are arguing that this is one of the largest cyberattacks in history.