Data Breaches Beyond the National Public

A number of data breaches have made the news these last couple of weeks, managing to creep their way around the edges of the predominant National Public Data breach.  Japanese automaker Toyota has admitted to a breach of its systems, to the tune of 240 GB of data.  Customer and staff information, financial documents and network infrastructure data were all posted to a hacking forum by ZeroSevenGroup.  This incident comes not far removed from Toyota’s financial services arm, Kreditbank, experiencing a breach last November.  Millions of customers’ personal data was exposed and put on sale for $8 million, though it’s still unknown if Toyota paid the ransomware culprits.

The automotive industry across the board is at heightened risk of data breaches these days, not just Toyota.  In July, an outage at CDK Global, the software used by thousands of US dealerships, forced around 15,000 dealerships to go offline and disrupt operations.  Some reports indicated that it was only when CDK Global paid the alleged hackers a $25 million ransom that their systems came back online.

Toyota is not the only big name scrabbling for space beside NPD.  Oilfield services firm Halliburton was also hit by a cyber attack late last month.  Details are murky, but it appears to have impacted certain systems and is being addressed by the company and “leading external experts.”  More than that, Halliburton didn’t share.

In education, the Toronto District School Board, which manages 582 schools and 235,000 students, confirmed a ransomware attack against student information.  Names, emails, grades and other data were stolen and held for ransom, a period which will expire this week if the Board does not pay the LockBit ransomware hackers.  This is just the latest attempt from the LockBit group to reverse their fortunes after law enforcement operations struck them a severe blow early this year.

It’s impressive, and not in a positive way, that stories like these have been able to shoulder their way into the small news crevices left by NPD.  Only a few in an always swelling list, these incidents nevertheless complement the severity of mega breaches: it doesn’t take a national story to put your data at risk, after all.  Cybersecurity has several important components, but none more so than data encryption.  NetLib Security’s Encryptionizer product provides just the sort of stored data encryption to frustrate cyber criminal plans.  By encrypting your data across all environments, physical, cloud or virtual, any data that gets exposed or accessed will be illegible and useless to bad actors.  Encryptionizer requires no additional programming and has virtually no impact on performance.

NPD has left everyone at risk.  Don’t be one of the competing stories that people manage to hear about during this time.