Facebook. Flipboard. Fortnite. All three have had security breaches in 2019 leaking hundreds of millions of customers data to hackers. Downright frightful. The spookiest part? It’s not the first time for some of these companies, and it all could have been avoided witch 🧙is the whole point.
When was the last time your organization ensured all personal data and business critical applications were tested for vulnerabilities?
In April of this year, over half a billion users’ Facebook ids, passwords, likes, check-ins, events and more were accessed by hackers through two third party Facebook apps. Still the world’s most popular social media platform this was the biggest breach in social media history to date! Today it’s not just personal information, but behaviours and marketing interests that have companies scrambling at the bit to increase sales and reach potential customers. This was exactly what was leaked; had they instilled “…a combination of…the right processes in place, testing regularly, and taking the extra steps to prioritize and develop layered security (i.e. no shortcuts to save the P&L!).” they could have avoided the incident Upguard reports.
When was the last time your organization reviewed its cyber incident response plan and updated cyber security protocols?
Forbes examined the Flipboard breach highlighting that how a company reacts and manages a breach with their customers is significant. Ethical hacker John Opdenakker states, “while a lot of companies fail at data breach disclosure, Flipboard did a good job; their communication is very transparent and detailed.” So what did Flipboard do? They emailed all their customers details about the breach immediately resetting their passwords and providing detailed instructions on the how and what. They even went one step further and either deleted or replaced all digital tokens while also advising law enforcement. When this incident took place, Flipboard owned up and executed in a timely fashion because they had their cyber security protocols in place and knew exactly what to do.
When did your organization obtain PCI DSS certified status, or has it?
Fortnite is a massively popular online game generating billions in revenue each year with an estimated 200 million players. Hackers created misleading landing pages and sites where game users could falsely purchase in-game currency by entering their personal and credit card information. Check Point Research also found a number of ways to obtain game users’ personal information accessing Fortnite’s database quite easily. The collection and re-sale of customer information, especially when it includes credit card information, on the black market is candy corn for hackers today.
These three are billion dollar organizations and obvious targets for hackers to obtain large data sets of customer information, but today no one is safe. No matter the size of your organization, the guys and ghouls personal data in your systems makes you a target. Prioritizing cybersecurity systems and continually testing and updating them is key to avoiding these situations. Sink your teeth into managing your organization’s cyber security with our Complior experienced security experts. We can help your company reach and maintain compliance with security standards like PCI DSS, PA DSS, GDPR and cloud hosting with such ease it will leave you laughing until you’re coffin.