What was my favourite data breach of 2014? It’s the question literally nobody is asking me. But let’s have a look back anyway at my top 3 data breaches and see what we’ve learnt:
Coming in at number 3… it’s eBay!
145m log-in details were compromised resulting in the company making a half-arsed effort to tell everyone to change their password. Seems they weren’t very concerned about this.
At number 2, it’s Apple’s iCloud!
Hundreds of celebrity photos (of the nude variety) were exposed to the Internet. Apple denied there was a breach. And they were right; there were multiple breaches. It was carried out by performing a targeted attack on usernames/passwords and security questions. There was no limit on the number of attempts so the bad guys just kept trying.
I don’t need to see The Hunger Games any more. I’ve seen enough of Jennifer Lawrence.
Before I announce my winner, a couple of honourable mentions first:
So… coming in at number 1, it had to be Sony. Again.
The Sony Pictures hack showed two things:
- That no organisation is safe from cyber attacks
- It hadn’t done much to improve its security position since the PSN incident in 2011.
Sony’s systems were hijacked in November (allegedly by North Korea) which lead to huge data leaks. This included the new twist ending of the latest 007 film being put online prior to the film even being filmed and personal emails between Sony and their star actors. Some of which were hilarious – I mean – hugely sensitive.
It caused the launch of The Interview to be delayed. So it wasn’t all bad news.