8 IT security disasters: Lessons from cautionary examples

Read Time:1 Minute, 0 Second

Anyone who follows cybersecurity is aware of the steady drumbeat of data breaches and attacks. So, an attack needs to really stand out to earn the name “disaster.”

We’ve assembled eight truly disastrous IT security failures over the past decade, with the goal of finding not just clever hacks, but real mistakes on the part of the victims. Hopefully you’ll come away with some ideas on how not to suffer a disaster of your own.

[ Learn 8 pitfalls that undermine security program success and 12 tips for effectively presenting cybersecurity to the board. | Sign up for CSO newsletters. ]

2012: Court Ventures gets social-engineered

Hieu Minh Ngo proved that you don’t need a lot of technical know-how to breach the security of an important data broker and get access to a lot of people’s private information. Sometimes all it takes is some brazen misrepresentation and social engineering skills. While still in his early 20s, Ngo convinced Court Ventures, a data broker later purchased by Experian, that he was a private investigator in Singapore. He then purchased personally identifying information (PII) from Court Ventures as part of his “work.”

To read this article in full, please click here

The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)

US and Japan Blame North Korea for $308m Crypto Heist

Spyware Maker NSO Group Found Liable for Hacking WhatsApp

Spyware Maker NSO Group Liable for WhatsApp User Hacks

Major Biometric Data Farming Operation Uncovered

Ransomware Attack Exposes Data of 5.6 Million Ascension Patients

Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP

Criminal Complaint against LockBit Ransomware Writer

Cryptomining Malware Found in Popular Open Source Packages