Came across a very useful tool for visualising data loss incidents (at least the ones we know about…). The figure above links to the original site. Well worth a read.
Anthem, the US's second biggest health insurer with about 70 million people on its books across the country, admitted late on 4th February 2015 that it was the target of an external cyber attack.
In Anthem's words, the attackers gained unauthorised access to its IT system and obtained personal information on current and former members, such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Tens of millions of records are likely to have been obtained illegally as a result of the hack, Anthem warned.
Health plans branded Anthem Blue Cross; Anthem Blue Cross and Blue Shield; Blue Cross and Blue Shield of Georgia; Empire Blue Cross and Blue Shield; Amerigroup; Caremore; Unicare; Healthlink; or DeCare, are at risk.
It is not clear when the company's databases were compromised, only that the compromise was discovered some time last week. Anthem is offering free credit and identity monitoring to those affected by the breach.
Up to 80 million Americans (current and former insurees) are now being warned that they are being targeted by scammers trying to trick them into revealing additional personal information. Scammers are running email phishing campaigns and even placing phone calls to affected customers, Anthem says.
The identity of the perpetrators hasn't been disclosed yet; the FBI is investigating, and Anthem has brought in Mandiant, a well-known cybersecurity firm, to look into vulnerabilities in its computer system.
An interesting viewpoint from Krebs
Chun’s view
It's way too soon to speculate on the whys and what happened; the only certainty is that your organisation is neither too big nor too small to be vulnerable.
Good policies and good housekeeping are the backbone of any ISMS. Having a comprehensive plan to deal with breaches and data loss will go a long way towards containment and minimising the damage.
A Morgan Stanley employee, Galen Marsh, stole sensitive information on 350,000 wealth management clients in December 2014. Data on 900 of those clients was posted on Pastebin, an internet exposé site, with a link for interested parties to purchase more information.
http://www.morganstanley.com/about/press/articles/7f189537-f51c-40b0-a963-fc0dc6c65861.html
Protecting against external threats is relatively simple; the insider threat is much more difficult to mitigate and potentially a lot more damaging.
A robust security policy, with regular employee security awareness and obligations training, allied to well-tuned data loss detection and protection, is essential. Post-incident response and lessons learnt complete the cycle.
Top of the list are known vulnerabilities: the ones that have been published, the ones with patches issued 6 months ago. Coming joint first will be ingress aided by social engineering, the "click here for the latest on Brad Pitt and Angelina Jolie" link or the pop-up box saying "Please enter your credentials to access xyz".
The first bot on a kitchen appliance has already been reported. The more devices are connected to the 'net, the more will be compromised and conscripted into the bot armies directed by techno-bandits. Baby monitors, home heating controls, solar panel generators and cars are all part of the IoT (internet of things).
Much more serious is nationally critical infrastructure being online. Even if it is supposed to be off-net, you can bet that someone has connected it up via 3G, wireless, the forgotten ISDN line or even a dial-up modem, all for the sake of convenience. As convenience always trumps security, it will be a heady cocktail for someone to exploit. The technology is there and the momentum is increasing, but has the security kept up? From past experience, I'd say not.
ATMs (cash machines) will continue to be targeted, whether by skimming, wire-tapping, or re-programming by insiders or malware. Crime and criminals will always follow the money.
On the subject of corporate security failings, they'll keep happening until the board embraces corporate responsibility for security and instils the necessary cultural changes throughout the company, from the top down.
Sony has been in the spotlight recently, all for the wrong reasons. In April 2011, Sony's PlayStation Network was taken offline by a massive DDoS attack for 23 days.
Target data loss woes
Even though the hack occurred in 2013, it wasn't until the next year that the full extent and the ramifications were known to the wider public. So far the toll stands at the CIO and CEO, $148M USD, 40M credit card details and personal information on up to 70M US consumers.