Hardly a month—or even a week—goes by without news of another data breach impacting massive numbers of people. A few weeks ago it was Equifax revealing that a security breach exposed sensitive information, such as Social Security numbers and addresses, of about 143 million Americans. That amounts to more than half of all Americans over the age of 18.
Then it was the The U.S. Securities and Exchange Commission's turn to admit that it had been hacked in 2016. The SEC said one of the financial regulator's databases, containing corporate announcements, was compromised and may have been used to gain an advantage in stock trading. By targeting that system, the hackers could have gained access to information which had the power to influence or even change the market.
Even more recently, and a lot closer to home, Deloitte reported that a global e-mail server was hacked exposing information e-mails to and from the company's staff, as well as customer information on some of the firm's top clients. The report said the hackers could have also accessed other information, such as usernames, passwords, IP addresses and architectural design diagrams. There's also the chance that hackers could reveal who the firm is actually working with these days. Embarrassing, but not devastating for Deloitte.
But Deloitte's infiltration remains mild compared with potential illegal stock trading and releasing Social Security numbers of more than half the U.S. population. Combined, Equifax, the SEC and Deloitte make up cybersecurity's big three. And the fact the breaches were all made public in the same month could spark a sea change in the way we all think and act about data breaches—when… not if. The bottom line seems to be that no firm—or person—is immune to cyberattacks these days. Now more than ever, we need consultants, and firms, to step up, take the lead and restore the public's faith… before it's too late.
Joseph Kornik Publisher & Editor-in-Chief jkornik@alm.com
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.