The Identity Theft Resource Center, which tracks data breaches, has counted 381 reported breaches and 10.8 million records exposed from the start of the year through June.
Worst Data Breaches of 2014…So Far
Neiman Marcus
In January, news broke of a card hack at Neiman Marcus where hackers accessed the debit and credit card information of customers who shopped at this chain between July 16, 2013 to October 30, 2013. Only in-store customers were affected, not online transactions. Originally, the company estimated that as many as 1.1 million cardholders could have been affected.
White Lodging
In early February, a hotel franchise management company that manages 168 hotels in 21 states suffered a data breach that exposed hundreds of guests’ debit and credit cards information in 2013. White Lodging Services Corporation maintains hotel franchises for some of the top names in lodging such as Hilton, Marriott, Westin and Sheraton.
Methods of Data Breach
Although the methods of data breach are unique to each case (some times personal data is obtained through a direct cyberattack, other times the data is stolen or leaked by a malicious employee or third-party vendor), the result is the same: state and federal laws require companies to report data breaches.
A data breach can have devastating effects for any company that stores sensitive customer data such as financial information, medical records, email addresses, and passwords. In addition to facing stiff fines and penalties, and potential lawsuits, companies that suffer data breaches are required to contact each and every customer or client to inform them of the breach.
Obviously, telling customers that you’ve allowed criminals to steal their information is not exactly trust-inspiring, so many companies try and cover up data breaches by not reporting them. Many times, a company may not even be aware that a breach occurred until many months after the fact.
No matter what industry you’re in, taking basic steps to ensure that your company’s data is safe is essential in the post-PC, cloud-based computing era.
(Portions of this article appear courtesy of networkworld.com)