Data Breaches Of 2015
by, Chauntel Seminerio, Managing Editor
2015 saw a surge in data breaches aka “hacking” and the severity of security breaches affected over 150 million people, putting billions of dollars at risk and costing businesses millions of dollars. As reported in October by Nextgov’s Caitlin Fairchild, “The Biggest Cyber Breaches of 2015”.
Here at home the City of San Marcos and San Marcos Police websites were taken offline in March after receiving security threats.
In a statement, city officials confirmed that a hacker group claimed responsibility and stated the threats are retaliation for an incident involving former San Marcos police officer James Palermo and 22-year-old Alexis Alpha, who was arrested and thrown to the pavement during a downtown traffic stop in May 2013.
In June employees of the St. Louis Cardinals hacked into the scouting and analytics database of the Houston Astros.
“The fact that someone hacked into the Astros’ “Ground Control” database, which is the club’s internal communication and evaluation system, had been known since 2014. No one suspected that the hackers were employed by another major league team until it was reported that the FBI was investigating, however. That’s when it was revealed that the focus of the investigation was the Cardinals organization.
The alleged impetus for the hack was both (a) concern that former Cards executive Jeff Luhnow took proprietary information with him when he left for Houston to become the Astros’ GM; and (b) lingering resentment over Lunhow’s tenure with the Cardinals, where he was reported to have been a polarizing figure.” Reported by Craig Calcaterra “#19: The Cardinals hack the Astros database“
Most recently, Tuesday December 15th The San Marcos Daily Record website, sanmarcosrecord.com was hacked by an organization calling itself Fouzi Baws-DZ.
“The hackers posted a message giving reasons why Muslims might want to attack or hurt America, something most Americans do not understand,” SMDR Publisher Don Moore said.
“There were no threatening messages posted, only a list of events that might help America see why Muslims should have reasons to want to retaliate against Americans,” Moore said.
There were three additional newspapers affiliated with the Daily Record that were also hacked in both Fredericksburg and Marble Falls but the Daily Record does not know if any other newspapers were included in the attack.
It is unknown if the Daily Record’s customer’s financial information was accessed during the hack. Some concerned current subscribers commented to Corridor News, they have yet to receive notification from the publisher clarifying this issue. Most readers of any online media purchase subscriptions using credit card numbers and personal banking information, clearly at a heightened risk in 2015 as data shows.
Last week, a group claiming to be pro-Islamic State allegedly hacked into a Texas facial rejuvenation boutique’s website. The hack temporarily shut down the business’ online presence and posted the image of the Islamic State flag along with a message.
“It was speaking in Arabic, there was someone chanting music in the background,” said owner Brooke Nichol. “My immediate response is, ‘I got to get this fixed.’”
When Saving Face clients attempted to schedule their appointments online for Botox, other injectables or skin care treatments at the Austin-based spa, they saw the Islamic State flag on screen with the text: “Hacked by the Moroccan Revolution Team,” according to the local ABC affiliate KVUE 24.
“The defacements have affected Web site operations and the communication platforms of news organizations, commercial entities, religious institutions, federal/state/local governments, foreign governments, and a variety of other domestic and international Web sites,” the FBI wrote in a public service announcement in April.
On a macro level, severe data breaches, both foreign and domestic, reported by James L Golden, Nextgov.com associate partner, GBS IBM, Cybersecurity and Privacy included:
Premera Blue Cross Blue Shield – Over 11 million subscribers’ information was stolen.
Anthem – 80 million patients’ and employees’ information was stolen.
Bank heist – Cyber-crime ring Carbanak infiltrated over 100 banks worldwide to gain access credentials and to hijack ATMs to steal more than $1 billion.
Office of Personnel Management 1 & 2 – Over 4 million personnel files including security clearance information were stolen; an additional breach affected over 21 million federal employees and contractors. Information stolen included not just SSNs, but fingerprints and personal details that could leave federal personnel vulnerable to blackmail.
Internal Revenue Service – Online transcripts of over 100,000 taxpayers were accessed as a result of access to previously stolen identity information. Significant personal information was stolen costing taxpayers $50 million.
Ashley Madison (notorious “cheating” website) – 37 million customers’ information was stolen, likely for shame and blackmail rather than credit card numbers.
Central Intelligence Agency Director John Brennan – Security clearance files from Brennan’s hacked AOL account were posted on WikiLeaks.
Golden: “These breaches demonstrate the broad and deep spectrum of the security challenges and impact across the both the public and private sectors. Specifically, the breaches at OPM have taken a significant toll on the level of trust between the federal government and the public. In short, the exposure and problem is real, the impact is significant.”
To read recommendations to significantly improve cybersecurity/Information security posture and minimize risk exposure in both public and private sectors see more at- Nextgov.com
