2015 seems to have been the year of cybercrime, with countless companies making news headlines as their network security was breached. The reality is that this is only going to get worse in 2016. Cybercrime is becoming a massive issue for all businesses and it’s important to be aware of the risks. Here are what we think are the top five security scandals of 2015.
1. Talk Talk
You may be getting sick of us talking about Talk Talk but we think it highlighted the horrifying dangers of cybercrime. The attack was orchestrated by teenage boys using methods that should have been secured against years ago. Businesses cannot afford for their customer’s data to be stolen in the way it was at Talk Talk. You may be able to recover from a data breach but never from a loss of reputation. You can read a previous blogs on Talk Talk here.
2. Ashley Madison
In July the dating website Ashley Madison suffered from a data breach. The site’s purpose is to orchestrate affairs with its users being married or in committed relationships. Hackers stole customer’s names, addresses, search histories and credit card numbers and threatened to release them if the site was not immediately shut down. Some customers received extortion emails demanding sums of money or their partners would be informed of their use of the site.
In November it was revealed that 4.8 million children’s data of first names, genders and birthdays had been stolen from the toy company, VTech. The breach was caused reportedly by poor password security, it is believed that company did not take the appropriate steps to protect customer passwords. Secure websites never store passwords in a readable format.
4. Marks and Spencer
In October, Marks and Spencer were forced to suspend its website for two hours because customers were able to see other customers’s details. Shoppers were able to see other individuals’s orders and in some cases their payment details. While this made news headlines in October, a member of ACUTEC’s staff has stated that she experienced this last year on the Marks and Spencer site on her iPhone but it never reached public attention. This was not caused by hacking but due to a still unknown ‘internal technical problem.’
Adele fans suffered a data breach only a few weeks ago when tickets for her tour went online. Ticket company Songkick could not cope with the extreme traffic that the tickets created on their website and it caused a breach in data. Fans were able to see each other’s shopping baskets, including payment details. Customers reported seeing other people’s credit card numbers and addresses. Security consultant, Graham Cluely reported to the BBC that it sounded as though the website’s code had been written insecurely as this should have been impossible.
These security breaches show how even the biggest and most sophisticated companies are unaware of the flaws in their systems. Make sure that in 2016 you ensure that your technology is as secure as possible for a safe new year.
From everyone at ACUTEC, we would like to wish you a very happy new year.