Yahoo announced the largest data breach in history, with over 1 billion Yahoo user accounts compromised by a past cyber attack, which I covered in Yahoo's Mind-blowing One Billion Data Theft Hack. This truly humongous data hack is distinct from the 2014 breach of 500 million accounts reported by Yahoo in September. Elsewhere, KFC, Topps, DailyMotion and LinkedIn’s Lynda.com also reported large customer data breaches of millions of records during December.
We need to be mindful never to "get used to" and accept these massive numbers of hacked online accounts at businesses we entrust with our personal information, especially where these businesses have been found 'wanting' on their cyber security defences through underinvestment. The old spin-doctor excuses of indefensible super hacks orchestrated by sophisticated nation-state backed dark forces tend not to stand up once the facts are uncovered. There is nothing sophisticated about teenage kids using freely downloadable software to take advantage of decade-old, basic security vulnerabilities.
The media and security experts continue to pour scorn on TalkTalk’s cyber security, following the firm’s poor handling of, and customer advice after, a cyber attack on unpatched TalkTalk customer broadband routers.
ThyssenKrupp, a large German steelmaker, disclosed it was a victim of cyber intellectual property (IP) theft. Businesses rarely admit to IP data theft, given such admissions can seriously harm the business's reputation and share price. Given the high media and public attention on protecting personal data from cyber attacks, following a year of high-profile large customer record losses due to cyber attacks, it can be easy for businesses to take their eye off protecting their IP and to become complacent about IP protection and security.
I was quoted in Focus Training's blog, in an 'Ask the Experts' piece on 'How to Protect your business from Cyber Crime'; my advice was as follows.
There was a bumper Christmas crop of patch releases in December, with Microsoft, VMware, Joomla, PHP and Android all releasing patches for critical vulnerabilities.
News
Yahoo Hack: 1 Billion User Accounts Compromised by biggest Data Breach in History
KFC's Colonel Club Hacked, 1.2 Million advised to Change Passwords
DailyMotion breached, 85 Million Accounts Stolen
TalkTalk and Post Office routers taken offline by Cyber Attack
TalkTalk's Wifi Hack advice is 'astonishing' Customers urged to get Routers Swapped
German Steel firm's IP stolen in Massive Cyber Attack
European Banking Breach guidelines more Strict than EU GDPR
Ashley Madison forced to pay £1.3m for Deceptive Security Practices
LinkedIn’s Lynda.com breached, 55,000 user password reset, 9.5 Million Users Warned
Insurers handling 'Hundreds' of Breach Claims
Domino's Pizza advises Customers to change their Passwords
Star Wars card firm Topps hit by 'unforgiveable' Hack
Ask The Experts: How to Protect Your Business From Cyber Crime
Microsoft release 6 Critical Patches for Windows, Edge, IE, Office & Adobe Flash Player
Skype Backdoor missed by Microsoft Development Team
Android Dirty Cow flaw is Finally Patched (CVE-2016-5195)
Joomla flaw allows Attacker to Change passwords and Seize Websites
3 Critical PHP 7 Flaws Detected and Patched
VMware fixes stored XSS vulnerability in ESXi Hypervisor
Awareness, Education and Intelligence
Over 400,000 Phishing websites have been detected Each Month in 2016
Hailstorm Methods used to spread Malware in Phishing Attacks
Reports
Critical Infrastructure Technology Report: Mirai 'is just the Tip of the Iceberg'
UK Identity Fraud on the Rise