535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

December 27, 2017

Two More Data Breaches Announced

If you thought we would make it through 2017 without any more data breach announcements, you were mistaken.

Last Friday, it was revealed that there was a data breach at marketing analytics provider Alteryx. Cybercriminals successfully exploited an online database and obtained sensitive data from about 123 million U.S. households. The data included family financial information as well as demographic data and contact information as well as data related to auto and home ownership. According to Fortune, hackers acquired sensitive data from children, too. Sources indicate that the database was open to anyone with an account on Amazon Web Services (AWS).

Then today, Nissan Canada Finance (NCF) admitted a massive data breach of its own. The company admitted that earlier this month, someone gained “unauthorized access to personal information.” 

This large data breach is believed to impact all current and former NCF customers in Canada — about 1.13 million in total.

“On December 11, 2017, NCF became aware of unauthorized access to personal information,” the company stated.

“The unauthorized access may have impacted the following types of information for some customers: customer name, address, vehicle make and model, vehicle identification number (VIN), credit score, loan amount and monthly payment.”

As of right now, both incidents are under investigation..

Looking ahead to 2018, keep these examples in mind and consider taking active measures to make sure that your organization avoids going through the same complications. Data breaches of this magnitude do not go away overnight and it’s safe to say these organizations will be dealing with the ramifications for years to come.

To learn more about how Apex Technology Services can protect your business, click here.

Here are some of the areas all organizations looking to promote a cybersecurity culture need to focus on.

1.    Cybersecurity training must be done regularly.

2.    Auditing and documentation must be performed regularly to ensure systems are secure.

3.    Anomaly detection should be running constantly to detect threats as they emerge.

4.    Penetration testing shows if systems can easily be reached from the outside. Here is a case where this test might have saved two company’s’ reputations from being destroyed.

5.    Network forensics for when a breach eventually occurs. The bad guys always seem to get in eventually.

6.    An action plan to follow when a breach does occur. Once it happens, few will have the clear heads needed to “wing it” correctly. Equifax botched it’s response in what is being called a PR catastrophe.

To ensure your organization is safe – even if you have internal IT, hire an experienced MSP or MSSP like Apex Technology Services.


 



Comments powered by Disqus

Related Articles