By Jacob Serpa, Product Manager, Bitglass
Here are the top cybersecurity stories of recent weeks:
—Uber fined $148 million over cover-up
—Apollo database of 200 million contacts breached
—Chegg hack exposes 40 million users' credentials
—Port of San Diego faces cyberattack
In late 2016, Uber suffered a breach at the hands of hackers who were looking to infiltrate one of the company's cloud services. However, instead of reporting the event (as they were supposed to), they instead paid the culprits $100,000 and elected to keep silent about the attack. Since then, all fifty states, as well as the District of Colombia, have sought legal action against the company, culminating in a fine of $148 million.
Apollo, a well-known sales engagement startup, recently had its database of 200 million contacts breached by malicious parties. Unfortunately, as detailed in the message that the company sent to the individuals whose information was exposed, the breach did take a number of weeks to detect. As massive damage can be done in a matter of moments, organizations must employ real-time security measures
if they want to avoid a similar fate.
Chegg was recently found to have been breached by unauthorized users seeking to steal sensitive information. While it is believed that no Social Security numbers were stolen, data that was successfully exfiltrated included users' names, usernames, passwords, email addresses, shipping addresses, and more. Unfortunately, the breach, which occurred in April of 2018, took months to detect, giving hackers plenty of time to pursue their malicious ends. The company has since reset the affected users' passwords.
Within a week of the cyberattack on the Port of Barcelona in Spain, another assault was launched upon the Port of San Diego. This pair of cyberattacks highlights the reality that hackers can target infrastructure and have widespread, adverse repercussions for organizations around the world. Fortunately, this particular attack affected only land-based operations at the port. The causes have yet to be discovered.
Learn about cloud access security brokers (CASBs)
and how they can protect your enterprise from threats in the cloud and download the Definitive Guide to CASBs