There’s not a cybersecurity news article out there that doesn’t tell you to update your passwords and get a VPN. Now that our cyber anonymity online has been compromised, we need to do everything we can to make sure we’re not taken advantage of should a computer hacker make our private data public.
Even before the FCC’s internet privacy protections were rolled back, we weren’t entirely safe from hackers. Cybercriminals have long been chipping away at security codes and working their way into our seemingly protected cyber systems. According to CNN Money, cybercrime cost the average U.S. firm $15 million in damages annually. When a cyber collective has set their sights on a company, they’ll stop at nothing until the server has been infiltrated and the company drained of its financial resources.
Think of the cybercriminal as a tick. Once the cybercriminal has suctioned themselves to your code, they’re not easily removable. Even if you’re able to remove the cyber tick, there’s a high probability it’s head will remain behind, continuing to cause damage. Any damage a cybercriminal is able to incur will have lasting effects, costing companies tens of thousands to billions of dollars.
Here are 10 companies that learned about cybersecurity (or lack thereof) the hard way:
Using a third-party vendor’s login credentials, cybercriminals were able to gain access to Home Depot’s network, where 53 million customer email accounts were revealed. The cybercriminals were able to steal payment card information through Home Depot’s network using “custom-built” malware on the hardware retailer’s self-checkout systems.
Enraged by the less-than-complimentary portrayal of North Korean dictator Kim Jong Un in the film, “The Interview” the North Korean government had the cyber collective Guardians of Peace hack into Sony Pictures computer systems and stole private information detailing employee data, damning email exchanges and film production notes.
The United States’ second-largest insurance company, Anthem suffered a data breach in December 2014 that was not learned about until January 2015, giving the cybercriminals a month to work in the insurer’s systems without detection. 78.8 million records were compromised. Hackers stole the names, SSNs, addresses and birthdates of Anthem holders and employees, making their identities forever susceptible to theft.
Hacktivist group Anonymous hit Sony PlayStation with a DDoS attack in 2011 because the hacking collective was upset with the legal actions the company had taken against PS3 player George “Geohot” Hotz. Hotz had reverse engineered the PlayStation 3 video game console and was able to show other players how to play pirated games on the device. Sony sued Hotz for his actions. The DDoS attack shut down the gaming system for weeks.
Using a third-party vendor that Target did business with, hackers were able to get into Target’s computer systems and infect the company’s system with malware. The malware was downloaded on Target’s point-of-sale devices, making it easy for the hackers to collect customer credit and debit numbers in real time.
Cybercriminals were able to steal 45 million debit and credit card numbers from Marshalls and TJ Maxx customers. The hackers responsible were able to upload malware onto TJX’s computer network undetected where they were then able to steal the information of millions of customers from the United States all the way to the United Kingdom.
The same hacker who successfully hacked TJX Companies, Inc. also successfully hacked the supermarket chain. Albert “Segvec” Gonzales was able to compromise 400 million credit and debit card numbers by remotely downloading malware onto Hannaford Brothers’ computer network.
Using forged cookies, cybercriminals were able to gain access to 1 billion Yahoo user accounts completely unnoticed. Yahoo has learned that it has been breached multiple times in recent years. Yahoo’s CEO Marissa Mayer has since resigned from Yahoo’s board and gave her annual bonus to employees who have been affected by the security breaches.
According to Computer World, Epsilon is one of the world’s largest marketing-email providers. How did the company’s breach occur? A simple phishing scam. With big-name clients like JPMorgan Chase and US Bank compromised by the breach, Epsilon had to pay up fast.
The United States and Russia have never really had what you could call a warm relationship, just look back at the Cold War.
In 1982, the CIA was able to use a piece of code in then-Soviet Russia’s Siberian gas pipeline that caused the pipeline to explode in what has since been described as “the most monumental non-nuclear explosion and fire ever seen from space.” Remember, no bombs were dropped; this happened using a piece of code. How’s that for cybersecurity news!
Clearly, hackers and government-backed cyber collectives have no intention of slowing down. If you sit back and do nothing to bolster your company’s cybersecurity, you could end up on such a list as this!