Data Breach Stories for Cyber Awareness
Other organization’s cyber incidents can serve as a strong reminder of the importance of protecting data through showing impact to the organization. Our Cyber Roundups break down recent cyber incidents by data breaches, disruptions to workflow, or direct financial loss to our core client markets. Below is a description of each category and one example chosen from the stories in our Roundups.
Data breaches encompass phishing attacks, network intrusions, and accidental data disclosures that all result in unauthorized disclosure of information. Data breach notification laws require organizations to notify those affected by PII/sensitive data record loss (normally in excess of 500 persons affected). In addition to notification of affected individuals, organizations may also opt to purchase credit monitoring.
Approximately 25,000 students, staff, and faculty members from the University of Alaska had their personal information stolen, including names and Social Security numbers in June 2017.
Disruptions cover organizations that were forced to take their operations offline due to a security incident. These disruptions directly impact customers and brand reputation. One of the most prominent disruptions is ransomware, a form of malware. The disruption is caused when ransomware blocks access to some or all files on the network.
In Idaho, Bingham County’s phone and computer systems, including a back-up system, were affected by a ransomware attack that disrupted operations for at least three days.
Financial loss incorporates stories about e-mail based wire transfer fraud known as business e-mail compromise (BEC). Check out this PSA on common BEC schemes from the Internet Crime Complaint Center.
Coastal Carolina University sent over $1,000,000 to a scammer posing as a vendor. The university employee fell for a phishing e-mail scam requesting a change the company’s bank account information.
Use These Stories
Our goal is to curate stories that show the importance of security awareness. Note that most, if not all, of these cyber incidents could have been prevented by employee awareness.
The most current Cyber Roundups can be found here. Use these data breach, disruption, and financial loss stories to get the attention of your workforce.