Every time we turn on the news, we see another unfortunate world event. And every time we check our favorite news websites, it seems as if there’s another report of a widespread ransomware attack. In fact, reports indicate that data breaches rose by 40% in 2016 alone.
Let’s recap some of the biggest data disasters of 2017 so far.
InterContinental Hotels Group (IHG)
Chances are good that you’ve stayed at an IHG hotel in your life, even if you don’t recognize the name. This company owns popular chains like Crowne Plaza, Holiday Inn and Candlewood Suites, and last February, it announced that a breach had affected 12 of its properties. Data such as cardholder names, numbers and verification codes were taken from malware-infected servers used to store the details of on-site restaurant and bar payments—and in April, the number of compromised properties jumped from 12 to 1,200! IHG admitted that it had not initially known the full scope of the breach, but stated that all malware had been eradicated by the end of March.
At MyITpros, we remember the day that a sophisticated Gmail phishing scam targeted about 1 million users. In fact, some of our very own employees received duplicitous emails (but don’t worry, no one fell for the scam!). The phishing attack accessed Gmail accounts through a third-party app and sent emails that looked like they came from recipients’ known contacts, directing recipients to the real Google security page and prompting them to allow access to a fake Google Docs app. Luckily, Google was able to shut down the phishing attack in an hour.
The security industry called the September Equifax breach one of the worst in history. All told, 143 million consumers of this Big Three credit reporting agency had their sensitive data stolen, including Social Security numbers, birthdates, names and driver’s license numbers, and about 200,000 people’s credit card information was also compromised. The breach happened in mid-May through July after a loophole in the company’s software was discovered by hackers. A much smaller attack in March that affected one of Equifax’s subsidiaries received more media attention following the larger attack, at which point the company said it had notified the few thousand people affected at the time.
Back in 2016, it was reported that Yahoo had suffered a catastrophic breach affecting 1 billion accounts, and further details came to light as recently as October 2017. Since the news first broke, it’s been discovered that the actual number of affected accounts totaled 3 billion—every Yahoo account in existence—and spread across email, Tumblr, Flickr and Fantasy. Information taken included phone numbers and passwords.
Of course, this isn’t a complete list—other household names like Chipotle and Whole Foods also suffered breaches this year. As a Texas-based company, MyITpros was particularly sad to hear about breaches happening in our own backyard, such as the one that compromised Denton Health Group. Given the regularity with which breaches are hitting the headlines, educating users on how to spot threats is paramount. To find out more about how MyITpros works to inform and protect its users, give us a call!