though that’s not all it has to worry about. Hackers also managed to extort the company out of an additional $400,000 by threatening to release sensitive personal customer data in an April 21st release.
But wait, there’s more. The BBC reported that one of TalkTalk’s providers (Optus) had also been breached, exposing customer data that could lead to more compromised user information hackers for hire being released.
Now all of this may sound like quite the headache
But it could have been worse. Hackers did manage to release personal data on some of TalkTalk’s users, but the amount that actually ended up in the public domain wasn’t actually very substantial. Of the 4.5 million people who were affected, TalkTalk also claims less than one percent of the overall customer base were affected. TalkTalk has also indicated that a targeted attack led the hackers to do an even better job at securing the data that was in their possession.
Did your business fall prey to a data breach? If so, it’s no surprise that financial infractions are becoming increasingly common. According to a report from Intel Security, phishing attacks that targeted British businesses quadrupled last year, reaching a record high of 2,700.
The attack wave was so great
the United Kingdom government banned all instant messaging platforms for the youth, including Line and WhatsApp, until a “national child safety initiative” could be developed.
Here at Computerworld, we’re on a mission to keep our readers and their networks safe. What can you do to ensure that your business isn’t vulnerable to data breaches?
When You Need Help Tackling Cybersecurity, Hire a Hacker to Enhance Your Cybersecurity
The mistake
Hackers broke into Yahoo’s network in 2014 by penetrating its core mail servers. In total, 1 billion email accounts were affected, of which half belonged to users in the United States.
There is no evidence that the data was leaked to the general public. Instead, most of the information was used to gain access to individual user accounts, and Yahoo then failed to notify users in a timely manner, not following existing guidelines set out by the Federal Trade Commission.
The attack, however, was a serious blow to the brand’s reputation and it quickly became apparent that the network remained insecure. As a result, Yahoo was forced to pay a $35 million penalty in the US for failing to properly protect user data.
Verizon learned of the security breach in 2016, while the company was in the midst of a $4.83 billion acquisition offer for Yahoo. As part of the negotiations, Verizon’s security team conducted an in-depth analysis of the incident, finding that more than 500 million users had been exposed to the same type of data-stealing malware that was used in the Yahoo breach. As a result, the data security problem had been recognized earlier than it should have been, but Yahoo failed to implement security improvements.
Instead of preventing it from happening again, Yahoo continued using its old software and security protocols, and didn’t carry out a full security audit of the company. After the hack, Yahoo simply disabled unencrypted login protocols and required users to enter the security question and password to access their accounts, which proved ineffective.