When a business is hit by a data breach, there's often no telling just how significant the consequences will actually be.
The fallout from a breach could mean minor financial damage, as the company institutes new security systems and processes, and reimburses any affected customers, or a seriously tarnished reputation. After all, what customer will want to use services from a business they know isn't secure?
These breaches were ranked as a top issue of chief information officers in an NC State report from earlier this year, with 53 per cent of respondents stating that they were insufficiently prepared. This is clearly a concern for businesses, and understanding is the first step to preventing a breach from occurring.
Below, we'll take a look at five of the worst data breaches in the last few years.
This was one of the biggest bugs in recent years, causing a substantial number of data breaches. It was revealed by security firm Codenomiconon, after it had been operating for nearly two years.
According to TechRadar, this bug affected around 17 per cent of secure web servers on the internet, exposing sensitive data such as passwords.
Impacted companies included Amazon, Reddit and WordPress.
As one of the biggest retail chains in the US, any data breach is almost certainly going to be bad news for Target. The company was hit in point-of-sale terminals, which in turn impacted around 70 million shoppers. Information such as credit cards and customer names and addresses were stolen.
Target explained that while the issue was resolved soon after discovery, they continued to conduct an investigation to identify other potential impacts.
In 2011, a company called Epsilon was hit with a substantial data breach, one which exposed customer names and addresses thanks to the work of outside attackers. While no payment information or anything more sensitive was leaked, US$225 million in damages was eventually paid out.
The final breach on the list is Sony PlayStation, with an attack that also happened in 2011. A massive 77 million users were affected by this breach, with the PlayStation Network having to be shut down for 23 days in response.
What's more, $171 million in damages was paid out.
Sony witnessed another fairly substantial breach at the end of 2014, when the film and television sector of the company was hacked.
While IT security should rank as a top priority to mitigate the threat of data breaches, another necessary course of action is proper IT governance strategies. These can help to ensure that all staff responsible for the security of IT systems understand how to manage them correctly.
If you'd like to get your staff started with either IT security frameworks or an IT governance methodology, get in touch with ALC Training today.