Security

CTC’s April 2018 Cybersecurity Report: Big Brand Data Breaches Continue

Over the last few weeks, the world’s most well-known companies have continued to become victims of data breaches. The frequency and scale of these incidents make security attacks as regular as the weather. Better bring your umbrella.

Here’s April 2018 cybersecurity update:

[24]7 Hack & Subsequent Data Breach

A malware attack on software vendor [24]7 (https://www.247.ai/), an online AI platform for chat and digital marketing, subsequently caused hundreds of thousands of people’s data to be leaked from companies like Delta and Sears.

According to Sears, this attack impacted “less than 100,000 of its customers”. Conversely, Delta admitted that sensitive information of “several thousand customers” had been exposed. This data includes the credit card information of both companies’ customers.

What’s even more appalling is the time it took to publicize the hack. Despite just hitting the news outlets, it was revealed that the vulnerability in [24]7’s system from September 26th to October 12th, 2017.

Under Armour & MyFitnessPal

It was recently revealed that over 150 million user accounts of the popular nutrition and meal tracking service MyFitnessPal were hacked by an “unauthorized third party”. This data included usernames, passwords, and email addresses.

This also isn’t a specific type of malware or vulnerability (which we usually cover in these articles) but the scale and scope of the attack are noteworthy here. It has set 2018’s record for the biggest data breach.

One surprising fact is that stolen health credentials can go for 10 to 20 times more than credit card numbers because of the detailed information that hackers can gather around an individual.

The exact cause of the attack hasn’t been determined yet, or at least hasn’t been published yet.

Be Proactive Instead of Reactive

Learn from what’s happening from the big guys and prevent it from happening to you. Reach out to one of our IT security consultants today to learn more about our network security, endpoint security, and cloud security solutions today.