Who has access to your critical data
More and more companies need to be aware of exactly “who has access to your critical data”. Even the security company expert, Trend Micro who are a multinational cyber- security defence company had an embarrassing security lapse that resulted in an employee being fired! This employee sold information on 68,000 of Trend Micro’s customers, to tech support scammers. As a result, the fraudsters impersonated the security vendors employees and called their customers regarding their home security!
Initially, Trend Micro thought an external hack was responsible, like the last time. In May last year a Russian hacking collective Fxmsp stole a claimed 30 terabytes of source code from Trend Micro, Symantec and McAfee and put it up for sale with an asking price of US$300,000. https://www.advanced-intel.com/post/top-tier-russian-hacking-collective-claims-breaches-of-three-major-anti-virus-companies
In Trend Micro’s defence they launched into an investigation immediately. But the process took time. Eventually they found the rogue employee had accessed a customer database and sold the information on it, to an unknown third-party.
The database contained customer names, email addresses, and phone numbers along with Trend Micro support ticket numbers. Fortunately, there is no indication that any financial or credit card information was touched. Also, none of the customers effected included government or the business sector.
Trend Micro have thankfully asked themselves, “who has access to your critical data” and disabled all unauthorised access to their customer database. They are also continuing the investigation with law enforcement.
It isn’t certain whether any customers systems or data were damaged by the cold-calling criminals and Micro Trend have told customers that their staff would never call them out of the blue. Calls are scheduled in advance. Customers getting any unsolicited calls from these fraudsters are advised to hang up immediately and contact Trend Micro.
Data loss horror stories
Did you recently buy an online item from a large corporation that just had a data breach? For the large corporation, the widely covered event by the media, often means years to rebuild public trust. No one likes the idea that their personal information has gotten into the wrong hands.
But what about when either human error or environmental factors cause a data fiasco? According to Wikipedia, corporations that suffered a major loss of business data struggle to survive. Wiki figures show that 43% of businesses never reopen and 29% close within 2 years. As a result, large corporations need to take seriously the data backup and disaster recovery of systems, if they want to outlast the competition.
To avoid or recover from data breaches or fiascos, corporations need to invest time, money and plan- ahead to ensure the minimisation of loss in the event of a disruption.
Are you having a hard time grasping the importance of backing up your data, and having a disaster recovery plan? Let’s take a closer look at a number of data loss horror stories.
- the U.S. consulate database in 2014, impacted 200,000 or more visa-seekers worldwide after suffering a major crash. While the data was backed up, the system wasn’t so when the rogue software patch was installed it resulted in a central passport and visa system to crash. This meant no-one could enter the U.S as visa-seekers were literally shut out of the system.
- In 2015, according to com https://www.reuters.com/article/us-usa-voters-breach-idUSKBN0UB1E020151228 who are an independent security researcher discovered a database of 191 million voters with names, addresses, birth dates, preferred party, phone numbers, and emails on the internet. This resulted from an incorrectly configured database.
- The Pixar film, Toy story 2 almost had to do a re-take as a large portion of the film was almost lost to a “remove all” command typed by an employee. The company founder Ed Catmull said luckily the technical director had secretly taken the film home to catch up with his family while working and had it saved on his home computer. Whew !!, as they realised their backups hadn’t been working for over a month.
It’s best to avoid becoming another Wikipedia statistic and invest in securing your organisational data. Don’t become another horror story!!