At the end of last year, Sarah Kuranda wrote an article on "The 10 Biggest Data Breaches Of 2016" for CRN. 2016 was, unfortunately, another big year for data breaches. While organizations understandably do not like to share how they were compromised, having the assurance of complete coverage of security software and robust hardware and software asset management can make a significant difference. A popular approach to achieve this goal involves the use of a Configuration Management Database (CMDB) to track hardware and software on every connected device, coupled with a Data Quality Management (DQM) solution, a popular element of a sound security strategy. With this background, this post will look back at five of the biggest incidents from the past year:
5 – Verizon Enterprise Services: Verizon Enterprise Services announced that it had been the victim of a data breach that affected more than a million of its enterprise customers. The breach allowed hackers to collect information on an estimated 1.5 million enterprise clients, including basic contact information. The breach highlighted concerns of telecom providers, which are attractive targets to hackers, as these providers hold an extensive amount of customer information. Could a security control, such as regularly checking to ensure every system has updated security software, have prevented this theft?
4 – Department of Health and Human Services: During April, a laptop and portable hard drives containing personal information were stolen from the Office of Child Support Enforcement in Washington, part of the U.S. Department of Health and Human Services. Police said at the time that intruders had stolen the devices by using a key from a disgruntled former employee. The devices contained personal information on as many as 5 million individuals, including Social Security numbers, birthdates, addresses and phone numbers. Products such as Computrace can locate and disable stolen laptops to help prevent this type of exposure, and a properly maintained CMDB can tell you on which laptops this type of capability is active.
3 – State Fishing and Hunting License Sites: During August, a hacker attacked the wildlife sporting licensing sites of four states, gaining unauthorized access to the personally identifiable information of more than 6 million people in Washington, Kentucky, Oregon and Idaho. While this breach was limited primarily to outdoor sportsmen, every agency in every state collects significant amounts of information about their citizens. Securing this data should be as high a priority as it is for regulated commercial industries such as healthcare.
2 – Myspace: During May, the social media network announced a breach that reportedly affected 360 million accounts. In a blog post announcing the breach, Myspace said it discovered that email addresses, usernames and passwords for accounts created prior to June 11, 2013 had been posted on an online hacker forum. Myspace had updated its platform during 2013, which included a strengthening of account security. Was Myspace aware of unauthorized wireless routers being used within its organization?
1 – Yahoo: This was the biggest breach in the history of breaches (so far). During December, Yahoo announced a breach that it said affected 1 billion user accounts. This breach first occurred during August 2013, with an unauthorized third party stealing data that included names, email addresses, telephone numbers, birthdates and hashed passwords. The company said it also, in some cases, included encrypted or unencrypted security questions and answers. This incident has reportedly put the company’s pending $4.8 billion acquisition by Verizon (also on this list) in question. Was anti-intrusion software installed and/or updated on every server?
While it may seem like hindsight to say, “They should have done X, Y or Z to prevent these breaches,” the truth is they should have done X, Y, and Z. That’s IT’s job. According to a Ponemon Institute study, the average cost of a data breach for 2016 was estimated to be $158 per record and approximately $4M per breach.
Configuration management plays a critical role in securing an organization from a continuous stream of threats. Whether it is a server or end-user device, ensuring every endpoint has security software installed and updated is a good starting point.
Blazent does this by making sure every active asset on a corporate network is recorded in the central CMDB, comparing and intelligently reconciling existing records against what asset discovery and IT operations tools see. Next, missing or expired security software is highlighted to help plug gaps in the security umbrella. All the breaches in this post could have been avoided if the proper steps had been taken ahead of time. You can learn more about how Blazent can help you avoid becoming another cautionary tale by visiting our website and reviewing our Data-powered IT Service Management white paper.
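A sketch of the reconciliation step described above, as an added example (not Blazent's code or schema): discovery results are matched to CMDB records on a normalized MAC address, falling back to the short hostname, and active assets with missing or expired security software are flagged. Field names such as `av_expires` and all sample records are constructed assumptions.

```python
from datetime import date

# Constructed sample records; field names are assumptions for illustration.
CMDB = [
    {"hostname": "WEB01.corp.example", "mac": "00-1A-2B-3C-4D-5E", "av_expires": "2017-06-30"},
    {"hostname": "db01", "mac": "00:1a:2b:3c:4d:5f", "av_expires": "2016-11-01"},
    {"hostname": "lt-042", "mac": "00:1a:2b:3c:4d:60", "av_expires": None},
    {"hostname": "old-print", "mac": "00:1a:2b:3c:4d:61", "av_expires": "2017-12-31"},
]
DISCOVERED = [  # what a network discovery scan reports as currently active
    {"hostname": "web01", "mac": "00:1A:2B:3C:4D:5E"},
    {"hostname": "DB01.corp.example", "mac": "001a.2b3c.4d5f"},
    {"hostname": "lt-042", "mac": "00:1a:2b:3c:4d:60"},
    {"hostname": "rogue-ap", "mac": "de:ad:be:ef:00:01"},
]

def norm_mac(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits, or None."""
    hexd = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    return hexd if len(hexd) == 12 else None

def norm_host(name):
    """Lowercase short hostname, so 'DB01.corp.example' matches 'db01'."""
    return name.strip().lower().split(".")[0]

def asset_key(rec):
    """Prefer the MAC as identity; fall back to hostname when it is unusable."""
    return norm_mac(rec.get("mac") or "") or "host:" + norm_host(rec["hostname"])

def reconcile(cmdb, discovered, today):
    recorded = {asset_key(r): r for r in cmdb}
    seen = {asset_key(r): r for r in discovered}
    report = {"unrecorded": [], "not_seen": [],
              "no_security_sw": [], "expired_security_sw": []}
    for key, rec in seen.items():
        if key not in recorded:            # active on the network, absent from CMDB
            report["unrecorded"].append(norm_host(rec["hostname"]))
    for key, rec in recorded.items():
        host = norm_host(rec["hostname"])
        if key not in seen:                # stale record: skip coverage checks
            report["not_seen"].append(host)
        elif rec.get("av_expires") is None:
            report["no_security_sw"].append(host)
        elif date.fromisoformat(rec["av_expires"]) < today:
            report["expired_security_sw"].append(host)
    return report

if __name__ == "__main__":
    print(reconcile(CMDB, DISCOVERED, date(2017, 1, 15)))
```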