Carefirst Breach(1) May- 1.1 mil members Hackers gained access to names, birthdates email, and subscriber info, passwords
Anthem – Premera Blue Cross(2) January – 80 mil patients – personal information taken (all)
Harvard university and other universities (3) – 28 known education breaches totalling 1 million compromised records. likely all personal information – passwords etc.
Hacking Team is a company which helps governments hack with Zero-day exploits and more was hacked(4) (gave an unprecedented look into the hack and a hacking company) All emails and 400GB of data from the company was exposed. It shows the capability to hack others is not that hard when the tools and knowledge is there.
Security vendors including password storage application company LastPass(5) – are being targeted because of what type of data they can store. Although no encrypted data was stolen, email addresses and some associated data was taken. 13,000 businesses at minimum.
OPM -Army National Guard
The US government offices that control some of your personal data also were hacked(6) this breach affected 4.2mil and 21.5 mil depending on your status with government entities.
Army national guard had 850,000 records stolen.
On 12/30 adding Excellus BCBS(8) breach 10 million patients.
So let’s list them all in one table:
Carefirst 1.1 mil
Anthem Blue Cross 80mil
Harvard and other Universities: 1mil
OPM 25.7 mil
Army nat’l Guard .85mil
Excellus BCBS 10 mil
total 120million records stolen(rounded up) and countless other pieces of information
So what does that mean?
The criminals on the darknet are also creating a Database on you:
It includes your name address, DOB, SS#, , passwords, login names, and all those questions to answer like what is your favorite book? Movie?
In fact your personal identity information(PII) is worth something: $1 (7) so in a way the criminals are working on accumulating more data as this is worth money to them.
It is also worth noting that PHI(Personal health Information) is worth more because the information can be used for longer periods of time (does not have short shelf life) – some say it is $10/ record or more.
Any company that has PII has a bullseye on them. And in 2016 the criminal hackers will continue to build this dossier DB on all of us.
So now, the government has our data, Banks have our data, employer has data, and the criminals have our data.
So what does that mean?
In my opinion one _has_ to change their passwords and information on a yearly basis at least – just so it is a bit harder for the hacker to hack you.
Change your information as much as possible that you can digest – every six months??
Do you need risk analysis performed?
Contact Us to discuss this.
- http://www.wsj.com/articles/investigators-eye-china-in-anthem-hack-1423167560
- http://krebsonsecurity.com/2015/03/premera-blue-cross-breach-exposes-financial-medical-records/
- http://www.crn.com/news/security/300077365/higher-education-faces-growing-security-challenge-with-low-budgets-cultural-barriers.htm
- http://www.csoonline.com/article/2943968/data-breach/hacking-team-hacked-attackers-claim-400gb-in-dumped-data.html
- http://www.crn.com/news/security/300077155/lastpass-takes-steps-to-protect-enterprise-partners-in-wake-of-data-breach.htm
- http://www.crn.com/news/security/300077462/opm-national-guard-breaches-highlight-challenges-in-securing-third-party-contractors.htm
- http://www.techradar.com/us/news/world-of-tech/personal-information-sold-for-just-1-on-the-dark-web-1305027
- http://www.darkreading.com/attacks-breaches/another-healthcare-insurer-excellus-bcbs-hit-with-mega-breach/d/d-id/1322142
Updated 12/30/15
1 thought on “Criminal Hackers Got Your Data in 2015”