Security Breach Update
4 July 2019

Awareness Tops Readiness in Cybersecurity PreparednessAwareness Tops Readiness in Cybersecurity Preparedness

Many organisations are well-aware of their cybersecurity threat landscape. Unfortunately, that has not enhanced their ability to improve their defensive posture. According to a recent survey, only 42% of organizations are confident in their data security.

While many businesses indicate that adopting cybersecurity best practices is more important than increasing profits, less than 60% of these companies have a formal security policy, a number that has not changed since last year.

Indifference may not be the only factor in the lack of preparation. Many companies cite budgetary and personnel constraints as a significant barrier to improving cybersecurity posture.

Even so, the cost of a data breach is more expensive than ever before.

Recent Breaches

United States – Franciscan Health – Healthcare system offering services in Indiana and Illinois.

Exploit: Unauthorized network access

Risk to Small Business: Severe: A rogue employee accessed extensive medical records pertaining to physicians, diagnosis, lab results, medications, and other treatment-related information. Although the employee worked in the company’s quality research department, he had no business-related reason for accessing this private health data. Fortunately, the company quickly identified the privacy breach and took action against the employee. However, they will now have to contend with the cost of providing identity theft protection services to those impacted by the breach, along with the less quantifiable reputational losses that accompany a data breach

Risk to Exploited Individuals: Severe: Currently, there is no indication that the rogue employee downloaded or shared any personally identifiable information. However, the employee did have access to sensitive data, including patients’ names, email addresses, dates of birth, phone numbers, gender, race, partial social security numbers, and medical record numbers. Those impacted by the breach should review and monitor their financial accounts and their benefits statements for suspicious activity

Customers Impacted: 2,200.

Taiwan – Ministry of Civil Service – Government agency responsible for overseeing pay, entitlements, performance, evaluation, insurance, retirement, and pension programs

Exploit: Employee breach

Risk to Small Business: Severe:  Hackers gained access to the government agency’s network, where they retrieved vast amounts of personal information stored with the agency. Another government agency notified the Ministry of Civil Service about the breach on June 22, noting that the stolen data was already published on various foreign websites.

The agency took the proper actions in response to the breach, but the information for hundreds of thousands of workers was already published online, which means that the damage is already done. Now, the Ministry of Civil Service is responsible for helping their employees recover from this devastating event.

Risk to Exploited Individuals: Severe: The agency has already notified those impacted by the breach, which included the theft of their names, ID numbers, national identification card numbers, agency information, job designation, and other professional material. This data will quickly make its way to the Dark Web, so these employees should take every precaution to ensure that their information is safe.

Customers Impacted:  243,376 people.

Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
04/07/2019

Follow us on LinkedIn:

Related Articles:
Three Billion Phishing Emails are Sent Every Day
Goodbye Windows 7 – You’ve been great!

Written by