Data breaches are becoming expensive

It seems that summer 2019 is when data breaches start to finally cost some real money to companies with bad security practices on both sides of Atlantic ocean:

FTC hits Equifax with fine of up to $700M for 2017 data breach
https://techcrunch.com/2019/07/22/equifax-fine-ftc/?tpcc=ECFB2019

Marriott to face $123 million fine by UK authorities over data breach
https://techcrunch.com/2019/07/09/marriott-data-breach-uk-fine/

UK’s ICO fines British Airways a record £183M over GDPR breach that leaked data from 500,000 users
https://techcrunch.com/2019/07/08/uks-ico-fines-british-airways-a-record-183m-over-gdpr-breach-that-leaked-data-from-500000-users/

5 Comments

  1. Tomi Engdahl says:

    Some of Russia’s surveillance tech leaked data for more than a year
    https://www.zdnet.com/article/some-of-russias-surveillance-tech-leaked-data-for-more-than-a-year/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_content=5d68837a4b188d00011b2240&utm_medium=trueAnthem&utm_source=facebook

    Security researcher finds that some of Russia’s SORM wiretapping equipment had been leaking user data.

    A Russian security researcher has found that hardware equipment meant to be used by Russian authorities to intercept internet traffic had been leaving data exposed on the internet.

    30 SORM DEVICES HAVE LEAKED SURVEILLANCE DATA
    But in a talk at the Chaos Constructions security conference last Sunday, on August 25, a Russian security researcher named Leonid Evdokimov revealed that some of these wiretapping devices have been leaking data.

    Evdokimov said he found 30 SORM devices installed on the network of 20 Russian ISPs that were running FTP servers that were not secured with a password.

    These FTP servers contained traffic logs from past law enforcement surveillance operations

    Reply
  2. Tomi Engdahl says:

    https://nakedsecurity.sophos.com/2019/09/17/teen-music-hacker-arrested-in-uk-for-stealing-bands-unreleased-music/

    A 19-year-old UK man has been arrested for allegedly stealing unreleased songs from world-famous musicians’ websites and cloud-based accounts and selling the music for cryptocurrency, authorities in London and New York announced

    Detective Inspector Nick Court, from PIPCU, said that the suspected hackers stole the music and sold it on illegal streaming sites worldwide, ripping a hole in victims’ livelihoods:

    This sort of crime causes significant financial loss to those who work so incredibly hard to produce, write and make music for their fans to enjoy.

    Reply
  3. Tomi Engdahl says:

    But as breaches become more commonplace, few companies remember the actual incident itself — or even the number of users or customers affected. No matter what kind of security incident you’re thrown into, what happens afterward is how you will be remembered.

    Get it right, you can save face. Get it wrong, and you’ll never live it down.

    Don’t try to cover it up

    Source: https://techcrunch.com/2019/10/04/how-you-shouldnt-handle-your-data-breach/

    Reply
  4. Tomi Engdahl says:

    No matter what kind of security incident you’re thrown into, what happens afterward is how you will be remembered.

    Do the wrong things and your hacked company will be remembered as cyber security clueless and one that smart customers think more than twice if they want to give their info to them.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*