In 2016 the number of reported data breaches increased by 40%. The Yahoo data breach was one of the largest breaches of that year and in history. As 2017 is coming to an end, cyber criminals have yet to stop. By now we have all heard about the Equifax data breach, but there were many more. Here are some of 2017’s data breaches that you may not have heard about.

1.     FAFSA: IRS Data Retrieval Tool

It was on April 6^th, 2017, the IRS disclosed that up to 100,000 people may have had their personal information stolen. The hackers used a method involving the IRS Data Retrieval Tool, a tool used to complete free applications for Federal Student Aid (FAFSA). After officials detected the potential breach, they took the tool down. Since this beach, the agency concluded that no more than 8,000 fraudulent returns were filed. Unfortunately, these returns were processed and issued, which is costing the IRS $30 million. Filters used by the federal organization stopped 52,000 returns and of those 14,000 were illegal refund claims.

2.    Chipotle

The popular food chain Chipotle, generally gracing the tabloids with health-related nightmares, was the victim of a data breach on April 25^th, 2017. There was activity detected on their network that supports the payment processes inside their locations. Chipotle believed transaction information from March 24^th, 2017, through April 18^th, 2017, may have been acquired. At this point, there is still an ongoing investigation.

3.    Gmail

It is true, Google is not untouchable. This tech conglomerate was targeted by a Phishing scam on May 3^rd, 2017, directed at Gmail users. The hackers were seeking access to accounts through a third-party app and sending emails made to look like they were sent from a trusted contact. In the emails, there was a notification to share a Google Doc. If the user clicked, the link would lead them to Google’s legitimate security page. The page prompted users to allow the fake document to manage and control his or her email account. Even though Google claims to have stopped the scam in an hour’s time, it is still estimated that 1 million users have been affected.

4.    Verizon

On July 13^th, 2017, 14 million Verizon customers may have been affected by a data breach.  These records were held on an Israel based server. The hackers acquired log files generated when Verizon customers contacted the company by phone.

5. Bronx Lebanon Hospital Center

On May 10^th, 2017, The Bronx Lebanon Hospital Center was attacked, exposing thousands of medical records protected by HIPAA. The breach happened due to a misconfigured backup hosted by iHealth. There were at least 7,000 patients who had their personal information compromised. Those who had visited this hospital between 2014 and 2017 could be affected. The information leaked included details such as names, home addresses, addiction histories, mental health, HIV statuses, sexual assault or domestic violence reports, and more.

As organizations digitize their business practices they become more exposed to cyber threats. To successfully mitigate such risks, companies have to overcome their administrative barriers. Organizations need to start incorporating cyber security into their DNA to flourish in this digital world. Cyber Security Awareness month is so important because it brings both leaders and end-users to the same understanding that it will take awareness to combat cyber threats. 

Share this article: