When it comes to cyber attacks, it’s often only the big corporation on the receiving end of the breach that makes the headlines. What people don’t often consider is the long chain of risk that generally allows such attacks to happen in the first place.
Although the entry point for any breach is often disclosed, it is generally an individual at ground level who is most fallible. In fact, a recent Verizon study identified that 77% of data breaches involved an insider, whilst a recent IBM investigation noted that 95% of cyber security breaches are down to human error.
That’s why we always recommend that you take out adequate insurance cover if you work in any area that could be digitally vulnerable.
Don’t take our word for it though. Read on below for some examples of the most notorious cyber attacks to happen in the 21st century.
Back in February 2016 social media behemoth Snapchat fell prey to what’s known as a whaling attack. A social engineer posed as CEO Evan Spiegel in an email to the company’s payroll department. The personal protected information of some 700 employees was subsequently released.
Snapchat apologised profusely in a blog post soon after the event, and vowed to take appropriate action with the FBI and others.
Although this happened almost a decade ago now (in the winter of 2007), it perfectly encapsulates the huge potential risks that could come about as the result of simple human error.
One of the most expansive data breaches of recent times, the protected information of 7 million families was lost in the mail. Two password-protected digital disks containing the details of every child and family in the UK subject to benefit payments went missing in the internal post after a junior official at HM Revenue & Customs in Washington, Tyne and Wear, breached all government security rules by sending them by courier to the National Audit Office in London.
This year payday loan company Wonga fell victim to a huge data breach that could impact as many as 245,000 of its customers. Bank account numbers, sort codes, full names, email addressees, and the last four digits of debit cards all went amiss (amongst numerous other pieces of personal information.)
Commenting on the attack, James Thompson, regional director for EMEA at authentication company SecureAuth, said that it will serve as a “hefty reminder” to any organisation holding personal and financial data to “continually innovate security and authentication to keep ahead of attackers.”
Yahoo’s days of Internet dominance have long been consigned to history, but back in September of last year (whilst in negotiations to sell to Verizon) it announced it had been the victim of the biggest data breach in history back in 2014.
The attack compromised the real names, email addresses, dates of birth and telephone numbers of 500 million users. Then, in December 2016, it announced that a breach in 2013 (by a different group of hackers) had compromised 1 billion accounts. Besides names, dates of birth, email addresses and passwords that were not as well protected as those involved in 2014, security questions and answers were also compromised.
The end result? The breaches knocked $350 million off Yahoo’s sale price, with Verizon eventually paying $4.48 billion. Yahoo, founded in 1994, had once been valued at $100 billion.
Our Cyber Liability cover includes protection against business interruption, cyber extortion and ransom, as well as assistance with system and data rectification and cover for regulatory defence and penalties. Alongside that you’ll also have access to ReSecure, a dedicated 24-hour helpline and specialist cyber incident report service.
Want to know more? Take a look here. If you’re interested in adding Cyber Liability cover to your existing policy just give one of our expert customer service team a call on 01242 808740.