2023 Q2 Data Breaches & Tips for Preventing Attacks
Data Breach
It is hard to believe that 2023 is already more than halfway over! While adults and kids alike are enjoying the warm weather and all of the fun that comes along with the longer days of summer, cybersecurity professionals are working diligently to help businesses of all sizes combat and recover from online attacks. One of the most prevalent threats seen in the first half of the year is one that has plagued businesses for years and years - the dreaded data breach. Data breaches are a particularly harmful form of cyber attack, in which a cybercriminal gains unauthorized access to information that was meant to be kept protected and private. A data breach not only results in companies being faced with the cumbersome task of regaining access to their data and patching whatever vulnerability caused such an attack to happen, but it is one of the most damaging to an entity’s public image. Many customers and clients lose trust in a company that is hit with a data breach, even if the company makes great efforts to beef up their cyber defenses following such an attack. Because of this, the best approach to dealing with data breaches is trying to prevent them from happening in the first place. We will get into some quick tips for helping to prevent a breach of your business’ data shortly, however, let’s first take a look at some major data breach information from Q1 and Q2 in 2023.
Data Breaches (so far) in 2023
Data breaches have been tracked by the Identity Theft Resource Center (ITRC) since 2005; the Center shows that the United States is on track to have a record breaking number of data breaches this year; instances of breaches in Q2 of 2023 were 114% higher than Q1. The total number of breaches year-to-date is 1393 events, which is higher than the total number of annual breaches for nearly every year from 2005-2020.
Among the many breaches that occurred in the second quarter of this year, were some pretty major events, namely:
April - Pizza Hut/KFC/Taco Bell Data Breach
The parent company for fast food chains Pizza Hut, KFC, and Taco Bell called Brands has informed affected individuals of a breach that occurred earlier this year in which a ransomware attack resulted in names, driver’s license information, and ID card data being stolen. Ransomware attacks are often the trojan horses for attackers to gain access to a company’s data and allows them to carry out a breach.
The mobile phone service provider, T-Mobile, has suffered yet another data breach - this one was at least small in its impact, with only 800 customers being affected. This breach resulted in customer social security numbers, ID card information, and contact information being exposed.
June - American Airlines & Southwest Airlines Applicant Data Breach
Roughly 8,000 pilots are thought to have been impacted by a recent breach in which attackers stole personally identifiable information for those individuals who applied to positions with American Airlines and Southwest Airlines. This information was stolen from a database maintained by a recruiting company, showing the importance of only working with companies who also have strong cybersecurity defenses.
Data Breach Prevention Quick Tips
As mentioned above, a data breach can severely negatively impact a business in many ways such as finances, security, and public image. The best way to think about data breaches is from a preventative point of view rather than after one occurs.
- Employee Education -- Educating employees is one of the best and most affordable cybersecurity measures a company can take. One of the major ways that a breach occurs is due to human error - an employee who has been trained in what to look for when it comes to cyber threats or suspicious behavior is far less likely to make such detrimental errors as untrained employees.
- Update everything regularly -- From devices to networks to firewalls and more, anything that can be updated should be updated on a regular basis. Keeping things updated is another affordable (almost always free) means to helping protect against cyber attacks that can be implemented immediately.
- Encrypt sensitive data -- Encrypting data is the process of taking your company’s regular data stored in databases and scrambling it so that it is unreadable unless a specific digital key is entered. Any personally identifiable or financial data should be prioritized when it comes to encryption as this is the information cyber criminals are after the most. Many email servers also have the option to encrypt emails so that you can securely share information between team members without risking the data being shared in the event any communication is intercepted.
Image by macrovector for Freepik.
