The year 2016 saw an increase of data breach cases by 40 percent, sending an alert to the business world that the coming days are going to be tougher. Now that we are halfway through the year, let’s take a stock on where the corporate world stands in terms of network security.
When we have a closer look at top cyber-crimes in 2017, it’s evident that data breaches have become more chaotic and severe.
E-Sports Entertainment Association (ESEA)
January 2017: As soon as the year 2017 stepped in, the term network breach was echoing in the office of E-Sports Entertainment Association (ESEA). As per the LeakedSource report, around 1,503,707 ESEA records were leaked. The massive data breach led to the loss of a great deal of private information, such as, user name, last login, registration date, email address, zip code, website URL, and so on.
InterContinental Hotels Group (IHG)
February, 2017: Another major target of malicious data breach activities was InterContinental Hotels Group (IHG). The popular hotels group includes hotel chains like Crowne Plaza, Holiday Inn, Candlewood Suites, and Kimpton Hotels. Around 12 properties of this hotel group was affected by the malware attack, which was active from August 2016 to December 2016. The malware was found in the servers for processing payments at on-site restaurants and bars under the IHG. It caused severe data breaches in the form of cardholder names, card numbers, expiration dates and internal verification codes.
Dun & Bradstreet
March 2017: This month witnessed a large number of data breach cases from different industries and sectors. While River City Media released their private data into cyberspace due to inappropriate configuration of backups, Verifone was found struggling with a breach in its internal corporate network. Amid the frequent news of data breaches, another prominent was at Dun & Bradstreet. Over 33 million corporate contacts of Dun & Bradstreet were shared on the web, which included full names, phone numbers, work email addresses, and other business-related data. In the last few days of March, bigwigs like America’s JobLink, UNC Health Care and Saks Fifth Avenue were also found struggling with malicious breaches in their network security.
IRS Data Retrieval Tool (FAFSA)
April 2017: IRS came forward to reveal that the personal information of around 100,000 people may have been stolen. The personal data were related to those who had enrolled in the scheme, which involved the data retrieval tool for the Free Application for Federal Student Aid (FAFSA). As a consequence, IRS had to shut down its data retrieval tool and process refund claims in large numbers.
May 2017: Even Gmail was affected by a sophisticated phishing scam, which affected around 1 million users in just an hour. Hackers behind this scam tried to get access to Gmail accounts through a third-party app. But, Gmail mitigated the effect of this data breach by adopting quick measures. Not just Gmail, but Brooks Brothers retail stores, DocuSign and OneLogin also fell prey to malicious data breach intentions.
Washington State University
June 2017: This prestigious university also caught the attention of malicious hackers. At the Washington State University storage unit in Olympia, a hard drive containing person information of approximately 1 million users was stolen. The hard drive was kept inside an 85-pound safe and had information that was gathered from different researches conducted by the university. Along with Washington State University, the University of Oklahoma witnessed an on-campus data breach. The personal information of thousands of students was made public to users within the university’s email system.
California Association of Realtors
July 2017: Recently, Real Estate Business Services (REBS), a subsidiary of the California Association of Realtors became the victim of data breach. Malware infected the online payment system of store.car.org and the personal information of those who made payment on the website was duplicated and transmitted to an unknown third party.
In the coming days, cyber-security practitioners need to be extra vigilant about any chances of breach in their network security.