There's not a week that goes by when we don't hear about another security breach on a large corporation or enterprise. Millions of personal details have been stolen and guess what? Your name may be on the list.
What can we learn about these breaches for our own business? Well in this post I'm going to go into details on the biggest breaches, how they happened and how to protect your business against the same form of attack.
Number 3: Exactis
You've probably never heard of this firm. They are a marketing company that does data aggregation. 340 million records breached.
A security expert spotted an open database on one of their public servers. Whilst the data was not hacked; it was just sitting there waiting to be found. How do you protect your business from this type of scenario? Make sure you know where your data is stored and who has access. Implement a policy on any new IT infrastructure or cloud services that are being installed in the business and have some form of auditing on where data is located.
Number 2: Marriott Hotels
I'm sure you've stayed at one of the Marriott group hotels in the past. These include Regis, The Luxury Collection, Sheraton, and more. 500 million guest records were exposed including passport numbers and credit card details.
The breach actually occurred through a system Marriott inherited when they acquired Starwood Hotels - highlighting the importance of security audits during mergers and acquisitions.
Number 1: Facebook
The Cambridge Analytica scandal exposed data from 87 million users. This breach showed how third-party apps can be used to harvest user data on a massive scale.
The lesson for your business
These breaches show that no company is immune. The key takeaways are: know where your data is, control who has access, and regularly audit your security practices.
