Is it irony, coincidence or a dark cosmic joke that some of the biggest security breaches we’ve ever seen are happening now?
A.K.A. right when we’re celebrating National Cyber Security Awareness Month?
We’re tempted to respond to the news of these breaches with a laundry list of advice and observations…but then we realized there’s enough of that out there already. So instead we thought it might be more useful to keep supplying you with an informed, curated reading list.
Welcome to the first edition of The Breach Report. As major breaches happen, we’ll skim for the most important data points from the most trusted resources and publish them here.
Equifax Breach Update:
- It’s worse than we thought…and also better? What was originally thought to be a breach that affected 143 million Americans actually is ending up to affect 145.5 million. Then again, they thought 100,000 Canadians were breachedwhen really it was “only” 8,000.
- Did you know 11 million driver’s licenses were compromised in the Equifax breach? Why does this matter? Because although the documentation isn’t as potentially damaging as, say, a social security number, the physical details listed on the license could make it that much easier to steal the victim’s identity. (Many states have eye color and height listed.)
- Homeland Security alerted Equifax on March 9th that Equifax had a serious vulnerability but they took months to patch it.
What Might Be Next:
- Unlike many other big and infamous breaches, the Equifax event might actually result in a payout for its victims. Some lawyers estimate up to $1 billion could be paid out by Equifax and – for once – be received by consumers themselves and not just the class action attorneys.
- The implosion of our current credit system? Fortune wrote a fantastic (angry!) article about how the best answer to this breach might just be “…a systemic reform to the credit oligopoly.”
Deloitte Breach Update:
- Though the hack was discovered in March 2017, it’s believed that hackers had been in their system since October or November 2016. That’s unrestricted access for four or five months!
- Government Issue? We’ve recently read that this hack affects not only private companies but also “U.S. departments of defense, state, energy, and homeland security, along with the National Institutes of Health, the U.S. Postal Service, and major companies like Fannie Mae and Freddie Mac.”
What *Should* Come Next:
- More than one national news source is urging companies to institute multi (or at least two) factor authentication in their cybersecurity programs.
How Safe is Your Enterprise?
Knowledge is power. And checklists are empowering! Find out how vulnerable your company might be right now.
Download our new 12-page eBook “Check Your Armor: What’s Your Most Vulnerable Cybersecurity Spot?”
In it, we supply you with a checklist of questions to ask yourself – and your IT department.