Snapchat Hacked! Is there any sense of wonder left when another Internet giant (or any corporation, for that matter) gets hacked and loses your private information? No, the mystery died years ago, which is why we’ve basically forgotten about Target already. Of courseSnapchat.com was hacked. Here’s the recipe for how your corporation can be like theirs:
Collect a ga-gillion pieces of user data all while…
Paying lip service to privacy and security measures until…
Your database is hacked, the press circles & customers revolt while…
You pay expensive recovery costs and belatedly decide to…
Implement security & privacy measures that could’ve saved you a ga-gillion.
Breach Happens, no matter how big or how small you are. But breach destroys only when you are unprepared. When it comes to privacy, the most effective medicine is getting burned. Snapchat is lucky to have experienced it early in their lifetime. When will you get hacked? Will it disappear in 11 seconds…
South Carolina Governor Nikki Haley blamed an outdated Internal Revenue Service standard (see below) as a source of a massive data breach that exposed the SSNs of 3.8 million South Carolina taxpayers plus credit card and bank account data. The identity information, nearly 75 GB worth, was stolen from computers that belonged to the SC Department of Revenue.
The breach reveals some shocking realizations for the people of South Carolina, and the rest of us:
South Carolina is compliant with IRS rules, but the IRS DOES NOT REQUIRE THAT SSNs BE ENCRYPTED. In other words, the keys to your financial buying power (your credit profile via SSN) is protected in no material way by the IRS, and therefore by your state government.
Technology isn’t the only source of blame. As is the case in nearly every data breach I’m brought in to help clean up, a HUMAN DECISION is at the heart of the breach.
A hacking group known as D33Ds Company leaked about 453,000 hacked email addresses and passwords of Yahoo Voices users in order to send a “wake up call” about poor data security practices at Yahoo. The information posted online was NOT restricted to YahooMail login credentials, but included Gmail, Hotmail, Aol and Yahoo user information. In the past few weeks, there have been similar breaches at LinkedIn, eHarmony, Formspring, Nvidia, and AndroidForum. Whazzzup?
Corporations are clearly ignoring warnings that are now commonplace from privacy and security experts: protect your customer data or lose stock value, subscribers and ultimately, your brand reputation.
The average business will NOT take responsibility for preventing a similar breach of their data until AFTER THEY GET HIT. Which is why 95% of companies will hit the snooze button on the wake-up call.
On the surface, social networking is like a worldwide cocktail party—full of new friends, fascinating places and tasty apps. Resisting the urge to drink from the endless fountain of information is nearly impossible because everyone else is doing it—connecting is often advantageous for professional reasons, it’s trendy and, unchecked, it can be dangerous.
Beneath the surface of the social networking cocktail party lives a painful data-exposure hangover for the average business. Sites like Facebook and Twitter are now the preferred tool for malware delivery, phishing, and “friends-in-distress” scams while more business oriented sites, like LinkedIn, allow for easy corporate espionage and the manipulation of your employees.
To avoid the cocktail party altogether is both impractical and naïve—the benefits of social networking outweigh the dangers—but applying discretion and wisdom to your social strategy makes for smart business. Follow these 7 Security Secrets of Social Networking to begin locking down your sensitive data.
Healthcare data breaches are on the rise, 32% over last year. Though some may find this to be alarming, there is a school of thought that this is actually good news and that we are identifying breaches that perhaps went unnoticed in the past. However, the fact remains that breaches are on the rise, statistically, and many organizations fear they lack the infrastructure and budget to protect patient privacy.
The study found the reasons for growing data breaches in healthcare organizations to include:
employee mistakes and sloppiness
lost or stolen mobile computing devices
unintentional employee action
On average, it is estimated that data breaches cost benchmarked organizations $2,243,700. This represents an increase of $183,526 from the 2010 study, despite healthcare organizations’ increased compliance with federal regulations. Respondents in the study noted relying less on an “ad hoc’ process to prevent or detect data breach incidents and are relying more on policies, procedures and security.
The IRS admittedly has little control over protecting your tax returns against identity theft. The problem is too big, the data too widely available, prevention too rarely attended to until it’s already too late. Your tax returns are the Holy Grail of identity theft because they contain virtually every piece of information a fraudster needs to BECOME you. But you don’t have to be a victim; you simply need to take responsibility for what is rightfully yours – your tax return information and your identity. The changes aren’t difficult, they simply require you read through this document so that you recognize the risks. Once that’s done, you simply avoid the highest-risk behaviors.
Here is a comprehensive list of frauds, scams and high risk tax-time practices.
It’s nerve racking to realize that the IRS increasingly struggles to control taxpayer identity theft. Since 2008, the IRS has identified 470,000 incidents of identity theft affecting more than 390,000 taxpayers. “Victims of tax-related identity theft are the casualties of a system ill-equipped to deal with the growing proficiency and sophistication of today’s tax scam artists” said Sen. Bill Nelson, who chairs the newly formed Subcommittee on Fiscal Responsibility and Economic Growth.
Let’s say you ordered winter boots for your spouse on Zappos.com (now part of Amazon), which has world-class customer service. You don’t really even shop the competition because someplace in your brain you already trust Zappos to deliver as they always have. Your unquestioned confidence in Zappos is worth a fortune.
And then hackers break in to a server in Kentucky this past weekend and steal private information on 24 million Zappos customers, including (if you are a customer) your name, email address, physical address, phone number, the last four digits of your credit card number and an encrypted version (thank goodness) of your password. Consequently, your junk email folder is overflowing (your email has been illicitly sold to marketing companies), you receive the doom-and-gloom breach notification from Zappos (just like I did), and suddenly, you don’t have quite the same confidence in this best-in-practice business any more. Your shaken confidence in Zappos costs them a fortune. For the foreseeable future, you will pause before using their website again.
This week’s news of the theft of private data comes from Citigroup. Seems that even the most reputable organizations can be exposed to the ever-more frequent data breaches we read about. You’ll likely recall the recent news of Sony, PBS, Epsilon and Lockheed Martin. Regrettably, the list is growing by the day. It affects me, and likely, it affects you. Now what?
First, arm yourself with the facts. See the attached articles.
Second, remember to protect your most important data (this information, on its own, or in any combination, is a jackpot to an identity thief):
Social Security number
Date of birth
Credit Card numbers
Bank Account numbers
Third, never reply to an e-mail requesting personal information. Unless you originate the communication, suspect the worst and do not respond. This is referred to as “Phishing” and the results are never good.