• April 7, 2014

8 Infamous Data Breaches of the Past Year

8 Infamous Data Breaches of the Past Year

8 Infamous Data Breaches of the Past Year 1024 854 Managed Solution

One by one companies and agencies are falling victim to data theft. In fact, some of the biggest breaches have occurred within the past year. This level of vulnerability has forced organizations to re-think their security strategies and develop multi-layered defenses against cyber-intrusion. Here we review eight notorious data breaches of the past year and remind ourselves to tighten up!

1. California DMV

Sometime between August 2013 and January 2014, the California DMV cited a possible credit card breach through transactions conducted on their website. The DMV is concerned that other information such as driver’s licenses, social security numbers, email and physical addresses were also stolen.
Affected: 11.9 million (or more) credit card transactions
Aftermath: While the DMV is not 100% sure that the breach occurred, they are performing a full forensic investigation and notifying banks and other institutions of the possibility.

2. University of Maryland

In February, the University of Maryland suffered a large cyber-intrusion. Hackers reportedly accessed 16 years’ worth of social security numbers, birthdays and university ID numbers of staffers, students and employees.
Affected: Anyone with a campus ID since 1998 (approximately 300,000 people)
Aftermath: Another cyber-attack was reported shortly after the initial one which prompted the FBI and Secret Service to get involved.

3. Sally Beauty

Also in February, Sally Beauty Holdings became aware of suspicious network behavior. Thanks to Tripwire’s intrusion detection technology they were able to shut down external communication and look into the potential breach. Unfortunately, the investigation showed that credit card data had been stolen.
Affected: 25,000 records
Aftermath: Verizon’s cybersecurity and forensics teams along with the Secret Service have been deployed to investigate the data breach further.

4. Target

Last December, Target announced that it had been the victim of a massive cyber-attack via their point-of-sale (POS) devices. Personal data, credit card numbers, and PIN numbers were all stolen in what some are calling one of the biggest data breaches in history.
Affected: 70 million consumers
Aftermath: Target has offered free credit monitoring and identity theft protection for those affected. Additionally, Target will cover any fraudulent charges made (as a result of the breach) to customer credit cards.

5. Neiman Marcus

Between mid-July and late October of last year Neiman Marcus said that it too had suffered a data breach similar to Target. While credit and debit card numbers were stolen, PINs were not.
Affected: 1.1 million customers
Aftermath: Much like Target, Neiman Marcus is offering free credit monitoring and identity-theft protection to those whose data was compromised.

6. Apple Developer Portal

In July of 2013, apple noticed suspicious behavior on their developer site and initiated a three-day shutdown/investigation of the site. While sensitive information was encrypted and therefore safe, information such as names, email and physical addresses were thought to be compromised.
Affected: 100,000 developers
Aftermath: Apple promised developers that it would overhaul its systems, update server software and rebuild their entire database.

7. Adobe

In October, Adobe reported a cyber-attack on credit card data and login records of its account holders. Source code for Photoshop was also taken. Luckily, credit card information was encrypted therefore making it more difficult to abuse. This breach apparently affected Evernote users as well, hence conflicting data below.
Affected: 3 million users (or 38 million – reports vary)
Aftermath: Adobe is offering free credit monitoring to users whose encrypted data was stolen.

8. LivingSocial.com

In April of 2013 LivingSocial suffered a cyber-intrusion and lost user’s names, emails, birthdays and passwords.
Affected: 50 million users
Aftermath: Registered users were asked to reset their passwords.
Don’t fall victim to a data breach. Have the appropriate security measures and monitoring in place to stop a cyber-attack before it happens. We’ve learned that everyone is potentially vulnerable, including large corporations and the government, so ensure that you have an up-to-date backup and disaster recovery (BDR) plan in effect.

To learn more about data security and BDR solutions from Managed Solution, fill out the contact form to the right or call us at 800-550-3795.