I wonder how historians will describe this period in time, specifically pertaining to the rise of data breaches. Just ten years ago, this would have been a phenomenon so minor it would have barely garnered a newspaper article. Now, it’s a subject that has bludgeoned its way into the public consciousness, one impossible for future generations to ignore. The breaches are too huge, the costs soaring too high, that what once might have slipped under history’s radar will now smash it.
Indeed, in the US alone, breaches on average cost $7.91 million, which is more than double the global average of $3.86 million. This latter figure is itself up from the previous year, where it was $3.62 million. For every security incident, US companies are coming in first among all other nations in lost business, with an average of about $4.2 million. These figures and more come from an IBM study that reflects what has become all too common knowledge at this point: there are more cyber threats, more vectors of attack and structural points of weakness than ever before. Hackers are also more sophisticated, often outpacing the latest security measures thrown at them. This is especially true when they are large scale criminal enterprises or sponsored by nation-states.
No wonder I can’t go even a few days without getting alerts to another massive breach.
Speaking of which, reports have been coming in that Comcast Xfinity, the telecom giant, possessed several critical vulnerabilities that could have exposed sensitive information on 26 million users. One made it possible for malicious actors to exploit an online customer portal to access someone’s home address, while another would reveal the last four digits of a Social Security number. With bits of data like these, it would be child’s play for a hacker to gain even more detailed information on their targets. And since kids are apparently able to crack US voting systems in 10 minutes, I do mean that literally.
Whether any unauthorized individuals used these vulnerabilities is still uncertain. Comcast patched the flaws, but couldn’t provide further details at this time.
With any luck, this won’t be yet another instance to give millions of people a headache, nor for Comcast to make their way into the annals of cybersecurity history.