Data breaches and human carelessness

Verizon recently spread light on the evolution of cybercrime and an increasing number of data breaches in their Data Breach Investigation Report 2018 and revealed that hackers are getting smarter day by day. The report also shows some interesting facts which are stating that “human carelessness” plays a major role in accelerating such crime rates and thus, allows cybercriminals to gain access to the company’s sensitive information. 

This report also justifies the requisite urge of strengthening cybersecurity laws as data breaches are becoming more noxious with each day passing. Organizations do understand the value of their business data and thus invests a lot of their time in managing in-house security systems. However sometimes, what brings disaster is not false security laws or implications but the imbalance between people and technology.  

What is Data Breach?

The most basic definition of Data Breach is when a piece of secure information, whether intentionally or unintentionally, shared with any external/untrusted party without any prior knowledge to the person to which it legally belongs. Originally it is just a part of big cybercrime but eventually, results in compromising the overall online privacy of many organizations. 

No matter how secure your data is, hackers always find their way out to spill it and misuse all of your vital information for earning profits. Therefore, to limit such data losses, narrowing complexity within the business environment always helps.  

What Role Does Human Error Play in Breach?

We all are well-aware of the fact that technology is extending its roots more rigidly than ever before. Although, it is also true that we cannot rely on technology alone for restricting upcoming cyber attacks or, protecting sensitive data. In order to avail of your identity and sensitive data, hackers frequently target human beings as they’re easier to attack and exploit. 

“It is peculiar to believe that human beings are the weakest block in the cybersecurity structure as well as the supreme hope for preventing the system from disastrous cyber attacks.”  

According to a study by CompTIA, it is revealed that human errors are responsible for 52% of the security breaches held alone in the U.S. Among 52% of the root cause, “end-user failure to follow policies and procedures”, “general carelessness”, “failure to get up to speed on new threats”, “lack of expertise with websites/applications” and “IT staff failure to follow policies and procedures” were some of the most common issues reported by the surveyed employees. 

It is equally surprising to know that human errors have contributed to some of the largest enterprise data breaches ever noticed in the past. Despite the misuse of encryption or any other security practice, it is very strange to notice how human error affects the whole business model in each case. 

Let’s get aware of some of the well-known mega-breaches!!

  • eBay — The Late Spring Credential Lost Scam 

In the year 2014, news came out that around 100 employees of the renowned e-commerce website, eBay, have lost their access to accounts as hackers steal the credentials in order to get hands-on eBay’s internal networks. Later on, it was determined that a group of hackers targeted a company’s sensitive information with the help of the phishing attack. Not only did they gain access to eBay’s internal networks, but they also, steal confidential data including names, passwords, email addresses, physical addresses and other personal information of 145 million customers. The attackers kept their hold on eBay’s systems straight for 229 days. 

Company’s Impact:

Due to this breach, eBay lowered its annual sales target to $200 million USD. The company also struggled to reacquire the trust and brand name after this unfortunate cyber attack. 

  • Sony Pictures Entertainment — Fake Apple ID Verification Emails Scam 

Once again in the year 2014, attackers dropped fake Apple ID verification emails to many of Sony’s top executives. Followed by the emails, each targeted executive lost their Apple credentials as every single email sent by the attackers was linked to a phishing site. The attackers then tried the same set of credentials on employees’ LinkedIn accounts and abused those who were linked with the same username and passwords. After gaining access, the hackers crippled the whole company’s networks and obtained 100 terabytes of the data with the help of wiper malware. Later on, hackers posted the stolen data online, which resulted in heavy losses to Sony. 

Company’s Impact:

Including the huge loss of client’s data, Sony Pictures Entertainment spent $35 million in total to repair their IT systems. It is also said that the total amount of breach loss is significantly higher than that of the repairing. 

  • Home Depot — Exploited Weakness of Third-party Vendor

Using the third-party vendor’s stolen username and password, attackers successfully entered into the premises of the retailer’s network. After getting into the perimeter, they infected 7,500 self-checkout systems with malware residing in the United States and Canada.

Company’s Impact:

This breach alone caused an estimated loss of 0.01% of its annual sale as 56 million customers’ credit and debit card details were compromised. Home Depot had to pay $28 million as the penalty amount followed by insurance reimbursement of $15 million. 

  • Pentagon — Spear-phishing Attack Scam 

In the mid of 2015, attackers targeted the Pentagon with a spear-phishing attack and have successfully hacked the joint staff unclassified email system of the administrative building. The hackers did a combined attack consisting of encrypted social media accounts and an automated information gathering system that potentially piled up a massive amount of data and spread it online within a minute. It is best-believed that Russian attackers coordinated the scam in order to avail of internal information of the U.S. 

Company’s Impact:

The 2015’s spear-phishing attack compelled Pentagon to shut down its email system for two weeks due to which 4,000 military and civilian personnel (in approx) were affected. 

Conclusion

Assuredly, every organization follows encryption strategies to protect their business data from outer threats. But the imbalance between advanced security strategies and human carelessness can cause big data breach attacks which will eventually harm the overall business. 

After acknowledging the above-mentioned four well-known data breaches, it is understood that human error holds the potential to impact the strongest of security strategies. Most of the cybersecurity experts believe that automation is the only way to reduce the risks of such human errors which can ruin the whole business stability within a small instant of time.  

Share this post on

Start Your Free Trial

Testimonials

Continued support

I would like to thank you for your continued support. I’m so glad everything turned out well. I owe you one.

Vishal Savadiya

Prompt service

George was outstanding; he fixed my issue within a couple of minutes and got me back to work! Thank you for such prompt service!

Lyndsey Chapman

Best tech support

Your tech person resolved this issue to the best of my satisfaction. He is very knowledgeable, helping and nice person. Thank you for this help.

Bipin Bhatt
KB Accounting & Tax Services

Exceptional service

I appreciate the exceptional service that Duke Williams always provided us at JS Morlu. He is patient, knowledgeable and extremely helpful.

John S. Morlu
Global Managing Partner

Quick response

As always, It was a very positive experience having your technician solve the issue we were currently experiencing.

Brad Pollack
Retail Service Options

Kristi PArker

Was assisted with permission setting, easy process. Thank you.

Origin Books

Mary L Zembruski

They have always promptly resolved any issues I have contacted them about.

Wilson Landscaping

Christopher Hutzel

Easy of working and very helpful

Christopher Hutzel
Compactor Service

Mandy Leong

Great customer service

Mandy Leong
Managed Staffing

Taylor Hill

Not a problem since I started years ago. Support is amazing and couldn’t be quicker. Just tonight, I emailed them and within 1 hour David helped me through an issue and resolved it as quick as I could have asked. Glad I found these guys.

Taylor Hill
Hill Tax, Payroll & Bookkeeping

Serina McCoy

Service was very quick to resolve the issue we had with logging in. Michael Olson emailed and called with in a few minutes on realizing we had an issue and had us back up and working quickly.

Serina McCoy
Gilberts Mobile Service

Mark Tevrucht

thank you reason for stars is my opion nothing is perfect

Mark Tevrucht
T&T AUTO & TRUCK

Nancy Evans

Easy to work with Aaron.

Nancy Evans
Nancy P Evans CPA PC

Tom Cloninger

Excellent service! Very responsive!

Tom Cloninger
RAN Accounting & Consulting

Rich Durso

Anderson solved my issue quickly and efficiently!

Rich Durso
RTD

Juli Hale

We’ve been very happy with the service so far. I would highly recommend Sagenext for hosting QuickBooks and other software. Thank you Michael Olson!

Juli Hale
Vico Plastics, Inc.

Nabila Qureshi

Great Customer service and support. Will highly recommend Aaron was very helpful and knowledgeable

Nabila Qureshi
Tax King USA Inc

Yelena V Moshkovsky

Great service with persistence to solve the issue and easy to reach. Anderson was a lot of help with my remote desktop issue.

Yelena V Moshkovsky
Supporting Strategies

IT Director

Sage Next have been great. We moved from 2 other quickbooks hosting providers to SageNext because it is the fastest server we could find which makes working on it much easier for our team. That plus their team is always available and very helpful!

IT Director
American Foods

Victoria

Very happy with the functionality of the hosted environment and excellent customer service. A human always answers the phone quickly and is always knowledgeable and resolve any issue quickly. Thank you Michael and your support team.

Victoria
Abacus

Cristen Rolen

Worst support team who are getting more time ever.

Cristen Rolen
Cristen CPA Firms

Ed

Aaron was extremely helpful, and resolved my issue quickly and professionally. Sagenext hosting services has been reliable, and support has always been great.

Ed
Zigo Associates

Peg Kelly

Michael Olson was very helpful, professional, knowledgeable and kind. He’s a keeper should have more employees like him. Highly recommend Sagenext.

Peg Kelly
All Star Therapy

Jon Graff

Support has been terrific, every time I’ve had issues I’ve been able to get help quickly which has resolved any issues. Michael Olson recently helped me resolve a backup issue. Thank you Sagenext

Jon Graff
The Reason Foundation

Candi

Prompt support when needed!

The College Music Society

Stacy

Sage is wonderful! Aaron was an incredible help to me!

Elfand & assoc

Brenda

Thank you so much! I use Quickbooks on their servers and they are very helpful for all my computer needs. Thank you Michael for your great support.

BDKdoor

Gwendolyn Terrell

Customer Service was great they was able to fix the issue in a timely matter.

National Tax Center

Newsletter

Free Trial

Sagenext Trial