This week is coming out with new data breach stories on an international scale. Between Mitsubishi and NEC, 2020 has not seen a great start for cybersecurity in major Japanese firms. Last week, Mitsubishi Electric revealed that the company had been hacked in June, exposing personal and corporate data, including, potentially, some trade secrets. According to the electronics giant, unauthorized user access led to the hackers exploiting an antivirus vulnerability that had not yet been patched. Thousands of current, former and applicant employees had their data exposed.
Right on the heels of this story, another big electronics firm, NEC Corporation, has revealed its own breach that began all the way back in December 2016. Not until July 2017 was the illicit intrusion even detected. Almost 28,000 files were accessed during the intrusion period, although NEC says none of them contained personal data. What makes this an extra close call is the fact that NEC works closely with the Japan Self-Defense Forces (JSDF). In the end, no critical defense data was apparently compromised.
Another story continues to rear its head again years after the incident. We covered the Ashley Madison breach when it occurred in 2015, but the effects are still being seen. Most recently, several of the nearly 37 million users whose information was exposed are now facing extortion schemes. Anonymous blackmailers are using email to demand over $1,000 in Bitcoin, or else they will share the embarrassing Ashley Madison information. Even though it’s been years since the actual incident, we can see how a breach can have repercussions far after the fact. Those far-flung ripples are just as hazardous to the victims as the initial impact.
Stories like these will continue to be prominent as long as shortcomings remain like those found in an Accenture survey. According to them, organizations leave about 40% of their environment unprotected, while early detection of a breach remains a problem for many, especially those with subpar training and collaboration. These weak points leave all the room in the world for cyber criminals to do what they do. That is why it’s vital to be preventative, so users don’t have to keep looking over their shoulder for years to come, wondering about their personal information.