Call centers were a big target of cyber criminals last year. But they weren’t alone. That’s why 2018 was a banner year – for cybercrime. Here are 10 of the biggest cyber breaches of the year:
A total system compromise of luxury department stores Saks Fifth Avenue and Lord & Taylor, both owned by Hudson Bay, resulted in the breach of 5 million records. The company was accused of cutting corners on security measures that could have prevented the attack.
Fitness app PumpUp had 6 million records breached thanks to a backend server with no password protection. Among the data compromised were unencrypted credit card data including card numbers, expiry dates and card verification values.
Two data bases owned and operated by The Sacramento Bee newspaper were seized by and anonymous hacker. The data compromised exposed 53,000 subscribers’ information along with the personal data of 19.4 million California voters.
Ticketfly suffered an attack that resulted in the concert and sporting-event ticketing website being vandalized, taken down, and disrupted for a week. When the company refused to pay the attacker’s ransom, the hacker hijacked the website, replaced its homepage, and made off with a large trove of customer and employee data, including names, addresses, email addresses, and phone numbers for 27 million Ticketfly accounts.
Panera Bread keeps its customers’ records in plaintext. This made it highly vulnerable to being scraped and indexed by attackers. The result? 37 million records were breached.
Despite its size and ubiquity, or perhaps because of it, Facebook also experienced a massive data breach. Political data firm Cambridge Analytica collected the personal information of 50 million Facebook users via an app that scraped details about people’s personalities, social networks, and engagement on the platform. Facebook determined the breach affected 87 million users.
A security researcher notified genealogy platform MyHeritage they had discovered a file labeled “myheritage” on a private server outside the company. Upon investigation, the company discovered it contained the email addresses and other information of all users who had signed up prior to October 26, 2017. The breach affected 92 million records.
MyFitnessPal, an platform that tracks users’ diet and exercise, was breached by criminals who accessed individuals’ user names, email addresses, and passwords. More than 150 million users are believed to have had their information compromised.
Exactis, a marketing and data aggregation firm based in Florida, had left a database exposed on a publicly accessible server. The database contained two terabytes of information that included the personal details of hundreds of millions of Americans and businesses. Close to 340 million individual records containing email addresses, physical addresses, phone numbers, and a host of other personal information was compromised.
Indian company Aadhaar found itself vulnerable to a service offered by anonymous sellers over WhatsApp. Using the service, any Aadhaar number, a 12-digit unique identifier assigned to every Indian citizen, could be entered. This provided access to numerous types of information. The data breach is believed to have compromised the personal information of all 1.1 billion citizens in India.
And then there are call centers
Call centers represent a particularly ripe target for criminals to pick. And here the threat can be as damaging to public safety as to bottom lines.
There has been a massive increase in attacks against 911 centers in the past two years. Of the 184 known cyberattacks on public agencies and local governments in that time, 42 have impacted 911 call centers, with hackers in many cases flooding the centers with fraudulent calls.
And these attacks can come from virtually anywhere. In India, for example, six people were arrested for running a fake call center that targeted Americans and Canadians in an attempt to infect their computers with a virus then offering to repair them – for a price.
Don’t let your call center make next year’s list
As more and more companies take steps to stay ahead of increasingly sophisticated criminals, often call center security is neglected. That can be a costly mistake.
Miratech has 20 years of Genesys experience and over 3 million man hours of installing, customizing and operating the Genesys platform. That expertise allows our team to identify virtually every security risk that can occur in your call center and implement the right protections.
To learn more: