Data Breaches, Hackers, Scammers and Crooks… (Oh My!)
People Data (Personally Identifiable Data) has become a large benefit and liability for many corporations. First, they want to (massively) profit off information about me, my family, friends, likes and dislikes. Second, these companies need to store this data to run analytics, reports, lists to curate statistics that can be used to modify your own behavior. However, there is no real incentives to keep that information safe beyond bad PR when the company leaks data or they are hacked. Everyone gets hacked eventually and no one wants to spend the information security dollars on people and processes to secure your data.
Think that I’m bullshitting you? Take ten minutes at your next doctor’s appointment to quickly look around the receptionist’s area and see how many names, social security numbers and other protected health information (PHI) that you can remember in just a few minutes. Reminder, you aren’t a trained criminal by any measure.
Following sites like InformationIsBeautiful.Net and DataBreaches.net, we can easily see how prevalent the data security problem has become. Equifax, Marriott, Twitter, Firebase, Uber, T-Mobile, Exactis – all big brand companies with large datasets stolen and likely sold off or used for malicious purposes. The Equifax data breach alone was 143 million Americans. We should be extra [and continually] angry about these personal information data breaches and continually stressing penalties on the companies and attackers.
To give you more context, Avast has done a great job of aggregating the top 10 data breaches from 2018. We are just including a top 10 chart here, but please read the entire Avast article when you have a moment.
Referenced from: https://blog.avast.com/biggest-data-breaches
Top Ten Data Breaches in 2018
# |
Company |
People Affected |
Hacked/Warned |
Disclosed |
1 |
Aadhaar Data Breach |
1,000,000,000 |
2017 |
January 2018 |
2 |
Starwood Data Breach |
500,000,000 |
2014 |
September 2018 |
3 |
Exactis Data Breach |
340,000,000 |
? |
June 2018 |
4 |
Under Armor/MyFitnessPal Data Breach |
150,000,000 |
? |
February 2018 |
5 |
Quora Data Breach |
100,000,000 |
? |
December 2018 |
6 |
MyHeritage Data Breach |
92,000,000 |
? |
June 2018 |
7 |
Facebook Data Breach |
87,000,000 |
? |
September 2018 |
8 |
Elasticsearch Data Breach |
82,000,000 |
? |
November 2018 |
9 |
NewEgg Data Breach |
50,000,000 |
2018 |
September 2018 |
10 |
Panera Bread Breach |
37,000,000 |
2017 |
April 2018 |
The consensus seems to be very much that Equifax [and others like them] were negligent in securing their own information systems and shouldn’t be able to run their operations in this manner. I think they were. However, data breaches are not a “sexy problem” to hear about on the news as there’s no drama to be had.
Data breaches and hacking attempts don’t just happen at the big business level either; again, your own doctor’s office probably has terrible data security measures in place. We have landed in a delicate situation facing the entire world where information security is a problem, and after-thought, and we are plainly glossing over data security as a people – but you can do many, many things to protect your data online from the multitude of threats. Managing the security of your online data, identity and reputation can be done cheaply, easily and in a time efficient manner.
Security of your online data and identity becomes your problem, not theirs [Facebook, Equifax, etc.].
Leave a Reply