Skip to content

The diverse nature of data breaches

by on February 26, 2014

There have been two data breaches to note in the news in the last week or so that show the diverse nature of the causes of leaks, and the risks they pose to businesses and their customers.  The perception is that data breaches are targeted malicious attacks by criminal gangs, but this isn’t always necessarily the case.

First to hit the headlines was Tesco’s Club Card data leak. This wasn’t a targeted attack on Tesco’s website itself, but an opportunistic attack using usernames and passwords of at least 2,000 Tesco’s customers obtained from other hacked sources. Customer details along with the corresponding voucher value appeared online, and unsurprisingly, many of the vouchers have been redeemed by the criminals.

The cause of this breach is down to customers using the same username and password for multiple accounts – Tesco has responded quickly to educate and help customers address this issue – but it highlights that prevention of data leaks is more than simply technology; end-user education and best practice is imperative and this incident goes to show that this access point onto a network is a weak link if not managed well.

Second is the Aviva insurance data breach which has resulted in the arrest of two employees. It is alleged that these members of staff were selling customer details to third parties resulting in nuisance calls from personal injury companies. So again, not a malicious attack by a criminal gang, but the result of an internal threat.

This incident reinforces one of the key questions an organisation must ask itself – ‘how sure is the business that it can detect and respond to someone taking sensitive data from its network?’

The end result in both these cases is that customers have been inconvenienced and may feel a betrayal of trust, which despite swift remedial action, could impact the bottom line.

From → pentura

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: