The Worst Security Incidents of the Past Year
The last 12 months has been plagued by a host of high-profile security breaches and issues that have cost companies millions in revenues and fines, and caused serious reputational damage in the process. But which do cybersecurity professionals see as the worst? The annual report from the Chartered Institute of Information Security has the details
What were the worst breaches/security issues in the last 12 months?
From a survey of members of the Chartered Institute of Information Security
While Facebook was the winner, professionals were split as to why. While some cited the Cambridge Analytica scandal, despite the saga beginning more than a year ago, others saw the ‘View As’ profile vulnerability that left 50 million accounts vulnerable as the bigger issue.
The British Airways data breach saw the payment data of around 380,000 customers exposed in September, and took 16 days for BA to discover. It earned further damage for the company when it became the first UK test case of GDPR, netting a £183m fine.
Marriott International hit the headlines for a long-term data breach of its subsidiary Starwood, which saw data belonging to 339 million guests exposed over four years. The breach, which was discovered in November, earned Marriott a £99.2m fine under GDPR.
While no single ransomware attack stood above any other, the last year has been characterised by a string of such attacks, many of which have become increasingly targeted, with higher ransoms attached.
With so many cybersecurity incidents to choose from, respondents mentioned a host of different attacks and incidents. These included attacks on cryptocurrency exchanges, a security flaw that led to the demise of Google+ and the resurgence of customer details stolen in the 2015 TalkTalk data breach.