The Meridian Blog: Tech News, Tips & More for SMB and Enterprise Environments

2014 Security Breaches That Impacted SMBs and Consumers

Robert Bruce

Posted by Robert Bruce
Tue, Jan 13, 2015

2014 was the year of the security breach. In fact, it was just at the tail end of 2013 when retail giant Target was hacked. Forty million payment card numbers were stolen during that holiday season, affecting an estimated one in three Americans. That was a harbinger of things to come, as data breaches dominated the IT security news throughout 2014. If there was any kind of silver lining to the Target affair, it was that it heightened a lot of folks’ awareness of data security. People whose eyes normally glaze over at the mention of advanced persistent threats (APTs) and remote access Trojans (RATs) were suddenly talking about disparate security appliances, and software agents and management systems. 

So, aside from the Target hack, which security breaches had the most impact on businesses and consumers? Read on for the top five security breaches of 2014, and what we can learn from each.

Picture3-1

This is just a small sampling of the largest data breaches that compromised an estimated 384 million U.S. records last year – more than the entire nation’s population. Have we learned anything from these and the numerous other IT security events of 2014? One unfortunate fact is that a pattern is developing. Previously, 2013 was a record year for IT breaches, and before that 2012 set a record, so if nothing changes 2015 is on track to do the same. A recent study sponsored by IBM, the 2014 Cost of Breach Study: Global Analysis, found the average cost of a security breach to the companies studied was $3.5 million – a 15 percent increase over last year.

Hopefully, these breaches can teach us some lessons about IT security in general, and specifically how consumers and small-to-midsized businesses (SMBs) can better secure their data. Let’s take a look at some big IT security breaches of 2014. Breaches that collectively impacted hundreds of millions of Americans – i.e. the majority of consumers and many SMBs.

Neiman Marcus

Shortly after the Target breach, news broke in January 2014 that high-end department store chain Neiman Marcus had been hacked. The hacking occurred between July and October 2013, and originally the company thought that as many as 1.1 million debit and credit cards were hacked, but further investigation reduced that figure to a maximum of 350,000. Malicious software installed onto the Neiman Marcus system was the route the hackers used.

Goodwill Industries

In September, 2014 nonprofit organization Goodwill Industries announced that a data breach in 330 of its stores may have compromised about 860,000 debit and credit cards. According to their investigation, a third-party vendor’s systems were attacked by malware. All the affected stores used the same vendor to process card payments.

Home Depot

This one was huge. In September, the giant home improvement chain confirmed that 56 million credit and debit cards had been breached. Once again, hackers used a third-party vendor to gain access to a larger network. In this case, after using the vendor’s user name and password to enter the perimeter of the network, hackers then acquired elevated rights to navigate privileged portions of the system. They then installed malware on the company’s self-checkout systems.

JPMorgan Chase

This is the nation’s largest bank in terms of assets. In a Securities and Exchange filing in October, JPMorgan Chase disclosed a data breach between June and July, 2014 that affected 76 million households and 7 million SMBs. Hackers stole customer names, addresses, phone numbers, and email addresses, but no account numbers, passwords, social security numbers, or birthdates. The bank said that no unusual customer fraud had resulted from this breach.

Sony

Last year ended with Target’s breach, which so far has cost the company an estimated $148 million, and this year it was Sony who closed the calendar with a data breach story. In December, hackers pirated five unreleased movies and released them online. They crooks also exposed about 47,000 Social Security numbers, which appeared more than 1.1 million times on 601 publicly-posted files. Many of those files also revealed other personal information, such as full names, birthdates, and home addresses.

2015 And Beyond

Hopefully, the costs associated with hacking will motivate enterprises to take more preventive measures this year, including having an incident response and crisis management plan in place. Large enterprises are increasing their IT budgets, hiring more IT experts, and adding new positions at the C-level such as the chief security officer (CSO). More SMBs are consulting with managed services providers and utilizing virtual chief information officers (VCIO).

This year, let’s strive for a new awareness of the importance of information security. An assessment of your current situation may help figure out what preventive measures you can  take in oder to avoid a breach. If you do not have an IT department, contact a Managed Serivces Provider (MSP) that is trusted and underestands your business' goals. 

 

Ready to get started? A thorough assessment of your technology environment and business processes can improve system reliability, streamline business processes, and improve focus on core competencies. Click here to request an assessment.

 

 

Robert Bruce

Ready to Become a Pro?

 Our White Paper can help.

whitepaper-4-key-elements-for-building-your-technology-road-map-thumbnail-3Subscribe to our blog and get your copy of "4 Key Elements to Consider When Building Your Technology Road Map"

You'll learn:

  • What role people play in determining your road map
  • How to build a plan in a multi-device world
  • What types of applications need to be considered
  • How data plays a key role in success

 

Subscribe to get your copy

Leave A Comment

About this blog

News, best practices and more to help you get the most out of your office technology. Whether you're an SMB owner who wears a lot of hats, or an enterprise IT director, facilities manager or just someone who wants to work smarter — this blog has the resources you need to maximize the business impact of all your tech investments. Be sure to subscribe to receive email updates about new posts!

Download our eBook

 
DM_Workbook_Cover_Page.jpg

Download

Sort Posts by Topic

see all