We've told you about some disasters that were caused by human error, but what happens when disasters happen because somebody wanted them to happen? Here are three big security breaches that shined the spotlight on the importance of cybersecurity.
Sony Pictures Entertainment
It's believed that a hack of Sony Pictures Entertainment had been going on for more than a year before the leak was discovered in November 2014. Internal emails, movie scripts, early cuts of unreleased films and about 47,000 unique Social Security numbers were included in the claimed 100 terabytes of data stolen from Sony servers and leaked by the cybercriminals.
The U.S. government linked North Korea to the cyber attack in part because of the controversy and threats surrounding the Sony film "The Interview," a comedy about an assassination attempt on North Korean leader Kim Jong-un, but experts have cast doubt that the attack was backed by the country's government. Sony said it spent $15 million investigating and recovering from the hack, though it will recoup much of the cost from insurance.
The breach of Anthem Inc., a healthcare company that manages plans under several insurance brands, might have started as early as April 2014 but wasn't discovered until January 2015. By then it had become of the biggest security breaches of all time, with hackers compromising almost 80 million records, 60-70 million of which affected either current or former Anthem members.
The breached records included names, birthdays, email addresses, Social Security numbers, medical identification numbers and addresses. Some of the records included employment data and income levels, but financial and medical information was not accessed. The malware used in the attack was believed to have originated in China, and the cost of Anthem's ongoing recovery could exceed its own cyberinsurance policy cap of $100 million.
Home Depot accounts for approximately 60 percent of revenues in the home improvement industry. That made the company an attractive target to hackers who installed malware on the company's servers to attack credit and debit card readers in the company's stores.
The hackers used a vendor's stolen log-on credential to access the servers before installing the malware, possibly as far back as April 2014. The information from 56 million credit and debit cards was stolen and listed for sale on a black market website before cybersecurity experts and Home Depot discovered the breach in September. Home Depot estimated that the breach cost the company $62 million, almost half of which was covered by insurance.
For more information on the importance of keeping your company's and clients' data secure, check out our post "Consumer Identity: Asset & Liability."