As we shook off the last of winter, we couldn’t seem to shake data breaches. April brought a variety of attacks, exposing more customer data and proving that companies of any size and type can be vulnerable.
Here are the recent data breaches that made headlines in April 2016:
Qatar National Bank
In yet another case of a large institution being hit by a data breach, Qatar National Bank (QNB) announced at the end of April that it had been hacked. The second largest bank in Africa and the Middle East, QNB lost information including customer transaction logs, PINs and credit card data. Hackers even managed to get detailed data on the Qatari royal family.
One particularly interesting aspect of this breach is that hackers reportedly combined the stolen data with information obtained from other sources like social media profiles. That mix helped them create a more robust profile of each customer, which could be invaluable for identity theft. The attack serves as a good reminder to practice social media best practices when it comes to posting (e.g. limiting what information you reveal) and to make sure your privacy and security settings are in place.
Government Health Agencies
Healthcare insurers, hospitals and clinics have all been targets of breaches in the past. As two recent attacks show, however, government-run health agencies may be equally at risk. Recent breaches hit Washington state’s Administration for Children and Families as well as Florida Health, potentially exposing information about people served by those agencies.
A security expert noted that protecting health data requires significant investments in technology and training. But, he added, government health agencies are typically even more budget-constrained than private health organizations. That could ultimately increase the threat of medical identity theft.
The hospitality industry is no stranger to data breaches, as cyberattack victims within the past two years have included Hilton, Hyatt and Starwood properties. Presidential candidate Donald Trump’s line of luxury hotels is the latest to be affected.
Security expert Brian Krebs reported that customers noticed fraudulent charges on cards used at several Trump hotels. In a statement, Eric Trump, executive vice president of development and acquisitions for The Trump Organization, noted that the hotel chain is routinely targeted by cyberterrorists and that an investigation is ongoing. The breach serves as a good reminder to check credit card charges thoroughly, especially when traveling.
Maine School District
The breach occurred as part of a phishing scam. The district’s payroll clerk received an email that appeared to come from her boss’ email, with a request for all W-2 forms from district employees. The message even included the same thumbnail image that the boss attaches to all her emails.
Check back next month to stay up to date on the most recent data breaches.