As we wrap up 2014 and look ahead to the New Year, it’s important to reflect on the data security lessons we learned in the past 12 months. Hundreds of millions of records were stolen this year as a result of faulty security. Here are the top five stories of the year.
In September, some very private photos of Hollywood celebrities were leaked after an iCloud data breach. A hacking group wrote a program that guessed username and password combinations for iCloud services. At the time, iCloud wasn’t limiting the number of guesses, so hackers had many chances to guess the right combination without being locked out.
This hack highlighted the need for two-factor authentication on iCloud accounts, specifically SMS authentication. Read this article to learn more about two-factor authentication.
“Once this is enabled a user would receive a four digit SMS message with a code to input in addition to their password,” Lewis said in another Forbes article. “This way, if a password is compromised the attacker would still need an SMS code to gain access to the user account.”
“This is indicative of some serious lapses in judgment but, only a small window into the issue,” Dave Lewis wrote in a recent Forbes article about the breach. “We have not heard the facts as to how the attackers were able to gain such an unprecedented foot hold on the network and literally bring the company to their knees.”
In July, news broke that hackers attacked JPMorgan’s systems, affecting about 80 million households and 7 million small to medium-sized businesses. Contact information, including name, address, email address and phone number was compromised.
In a statement, JPMorgan said, “there is no evidence that account information for such affected customers — account numbers, passwords, user IDs, dates of birth or Social Security numbers — was compromised during this attack."
In September, Home Depot confirmed that its payment data systems were breached. A total of 56 million payment cards were compromised, and Home Depot faced 21 lawsuits as a result. The theft is thought to be the largest theft of payment cards from a direct attack on a retailer.
Going into 2015, it’s important to stay vigilant on emerging trends in data security. To get started on the right foot, check out “5 Information Security Trends That Will Dominate in 2015.”