data breach

2018 Data Breach Timeline

In a world where data is power, it is important to know which industries are at high risk of data breaches. You probably think banks and financial services firms are the number one targets for hackers, right? Wrong. Cyber-crime is on the rise and no corporation or government agency is immune to data breaches. According to Recent research the 4 most breached industries are:

Healthcare
Manufacturing
Transport
Financial Services

TOP 4 INDUSTRIES

HEALTHCARE

2017 figures put healthcare at the top of the list when it comes to industries with the highest data breaches. According to the Information Commissioners Office the health sector accounts for 43% of all data breach related incidents.

Perhaps this sector’s vulnerability can be seen in the slow uptake in IT security, as well as spending cuts making it hard for healthcare to make room in budgets for IT investment. In addition, this sector could be a red-hot target due to the wealth of personal information they hold onto, patient records sell for a premium on the black market.

The PWC Health Research Institute states the estimated cost per patient record is $200, this includes post-breach costs such as lost business due to reputational damage. The cost to prevent a breach however, is only $8 per patient record, this is a strong motivational point for healthcare institutions to spend more to prevent cyber intrusions.

FINANCIAL SERVICES

Here is the perceived favourite! Due to the sector’s long history of cyber-incidents, many have invested extensively in upping their security. A recent case that shows despite their efforts attacks still occur is the attack on Tesco Bank. This is where hackers stole £2.5 million from customer accounts.

One of the biggest threats facing the financial sector unfortunately is from careless or compromised users. According to the Threat Intelligence Index 2017, this sector suffered more breaches than any other industry, with more than half of these coming from internal sources. Internal sources aren’t secluded to just employees, contractors or third-party suppliers also have access to sensitive data so are just as liable to blame.

MANUFACTURING

According to a recent Fraud & Risk Report88% of manufacturing CEO’s reported their company fell victim to at least one instance of fraud in the last 12 months. This is far from a shock. Within manufacturing sits the likes of automotivepharmaceuticalschemical and defence organisations who all hold onto large amounts of critical data.

Most of this data is in the form of research & developmenttrade secretsand intellectual property patents, thus proving it to be extremely valuable information for anyone engaging in corporate espionage. Information theft and loss of attack were the most common forms of fraud experienced by this sector.

TRANSPORT

Transport networks are connected internationally to streamline processes, however, while internet-based tracking, navigation and communication tools are most certainly efficient they also create entry points for hackers.

For instance, the NotPetya malware on Maersk in 2017 cost the shipping mogul roughly $300 million. It’s not always external hackers whom are to blame.

NOTABLE DATA BREACHES 2018

1st February 2018
1st February 2018

CAREPLUS HEALTH PLANS

CarePlus Health Plans, a Florida-based health insurance provider is notifying customers of a privacy breach which occurred in January. This breach occurred due to programming and printing errors, leading to Explanation of Benefits letters being mailed to the wrong CarePlus members. This disclosed information including personal financial information and Social Security numbers. More specifically individual’s member name, identification number, plan name, date of service, provider of service and services provided. Roughly 11,200 members were exposed as a result of this breach.

2nd February 2018
2nd February 2018

FEDEX

Researchers from Kromtech Security discovered the personal information of 119,000 FedEx customers sitting on an unsecured Amazon Web Services cloud storage server. These customers had their passports, driver’s licenses and other documentation accessed. The scanned ID’s originated from countries all over the world, as well as being attached to personal information such as, names, home addresses, phone numbers and post codes.

1st March 2018
1st March 2018

BJC HEALTHCARE

BJC HealthCare discovered a wrongly configured server exposing the scanned document images of 33,420 patients. This company includes 15 hospitals and other health service organisations. This server was left unsecured from May 2017 through to January 2018, revealing driver’s licenses, insurance cards, addresses, social security numbers, telephone numbers, treatment records, and other personal information.

2nd March 2018
2nd March 2018

HACKER RING BACKED BY IRAN

A government backed hacker ring was discovered by the U.S. Justice Department. The hackers systematically hacked into the computer networks of 144 U.S. universities, by performing a phishing scam and breaching email accounts of roughly 4,000 professors. Once access was gained the hackers stole 31 terabytes of intellectual property, totalling $3.4 billion worth of damages. In addition, the Iranian hackers attacked 36 private American companies and infiltrated 5 U.S. government agencies, stealing the emails associated with thousands of accounts.

3rd March 2018
3rd March 2018

MYFITNESSPAL

Roughly 150 million users of MyFitnessPal app owned by Under Armour have had their personal details leaked in a data breach, including usernames, passwords and email addresses, the kind of information that leads to identity theft. The app not only tracks calories and the number of steps an individual has done in a day, it also knows where they are and at what time.

4th March 2018
4th March 2018

ST. PETER’S SURGERY & ENDOSCOPY CENTRE

St. Peter’s Surgery & Endoscopy Centre, has reported a data breach discovered on January 8th, according to their report 134,5112 individuals have been impacted after a third party gained access to hospital servers. The compromised info included patient names, date of birth, addresses, dates of service, diagnosis codes, procedure codes, insurance information, Medicare and social security numbers.

1st April 2018
1st April 2018

PANERA BREAD

Bakery-café Panera Bread has left the information of up to 37 million customers in plain text accessible from its website. Customers who have created an account to order online can expect their full name, email and physical address, phone number, birthday and last four digits of credit or debit card to have all been compromised. Additionally, the companies catering application was also impacted.

2nd April 2018
2nd April 2018

SAK’S FIFTH AVENUE

Owner of retail stores Saks Fifth Avenue and Lord & Taylor, Hudson’s Bay Company confirmed that hackers stole the data of more than 5 million credit and debit cards. Analysis shows that the breach of payment systems began in May 2017. Those responsible have begun selling customers’ credit and debit card information on the dark web, 125,000 payment cards have been released so far.

3rd April 2018
3rd April 2018

SUNTRUST

Atlanta bank, SunTrust experienced a data breach impacting 1.5 million clients. This breach occurred due to a former employee whom exposed customer names, addresses, phone numbers and account balances.

5th April 2018
5th April 2018

UNITYPOINT HEALTH

UnityPoint Health, a network of hospitals, clinics and home care services announced that 16,000 people have been affected in this incident. Several employees’ email accounts were compromised after a successful phishing attack, these accounts could have been accessed since 1st November 2017. This information exposed included patients Social Security numbers and Financial information.

HOW MOBLICITI CAN HELP YOU

The industries above are just the top four, no sector is 100% data breach free, this is where Mobliciti come in, we can mitigate the stress of dealing with these challenges. We can offer you an abundance of fully managed services to suit your business’ specific needs. Mobliciti harnesses the most innovative and secure technologies to make your business secure and give you piece of mind.

Our managed services are SecureFlexibleScalable, built using our best of breed technology solutions and delivered by our experienced support and delivery teams. We allow customers to remove the risk and retain the control over the increasingly complex worlds of Mobile, Wireless and Cloud. Get in touch today to find out more.