Security Breach Update
21 February 2019

Data SecurityWhat we can do to stop putting our data at risk of identity theft?

5 quick and easy tips for updating your data security.

It’s safe to say that data breaches are one of the primary threats affecting the ways in which small businesses operate. All industries face the risk of exposing valuable personally identifiable information (PII) or protected health information (PHI). To compound the matter, innovations such as Internet of Things (IoT) become deeply integrated into operations and can create additional risk.

However, to mitigate even the most advanced cybersecurity concerns, we must begin by thinking simple and effective.

Here are 5 steps for proactively preventing breaches and protecting your data in the event of a compromise:

  1. Foster cybersecurity team buy-in
  2. Make regular updates
  3. Encrypt data
  4. Backup data
  5. Test cybersecurity protocols

Recent Breaches

Australia – Optus – Telecommunications Company that is looking to be first-in-market with a 5G home broadband service.

Exploit: Website glitch and phishing

Risk to Small Business: Severe: Optus recently disabled its website after receiving user complaints of a system glitch displaying the wrong account information. Customers report being able to see each other’s information, and others have reported receiving phishing emails posing as the company itself. Since then, the company decided to reopen its website and contact customers who might have been impacted.

Risk to Exploited Individuals: Moderate: After being able to view the names, account numbers, services, and numbers of other users, customers are concerned that the website has been hacked and their login data has been accessed. However, until recently, they were unable to change their details since the website was taken down. This news comes shortly after the company paid multiple fines and refunds for misleading customers and developing proper identity verification safeguards. Users should be on high alert, as it is quite probable that a hacker was able to gain system access.

Customers Impacted: Undetermined.

Canada – College of Physicians and Surgeons of Saskatchewan

Exploit: Employee breach.

Risk to Small Business: Severe: Saskatchewan’s privacy commissioner Kruzeinski reported a breach discovered by eHealth in last April and May. Following a crash involving the Humboldt Broncos junior hockey team, seven physicians inappropriately accessed health information about the crash victims without a “need-to-know”.

Upon discovery, Kruzeinski has recommended monthly audits for the violating physicians and enforcement of the “need-to-know” basis organization-wide. It remains to be seen if patients will become aware of the incident and go elsewhere for care.

Risk to Exploited Individuals: Severe: The privacy breach was contained to the victims of the car crash, but protected health information such as lab results, medications, and other chronic diseases could have been accessed.

Customers Impacted:  13 team members.

Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
21/02/2019

Follow us on LinkedIn:

Related Articles:
Erosion of Customer Loyalty
General Data Protection Regulation (GDPR)

Written by