Data Breach Ripples: Week of July 10

Posted by Zach Walker on Jul 10, 2015 1:00:00 PM
Find me on:

DBR-Email-Header-4215

In this week's issue:  an Illinois insurer exposes personal data due to a software error, a spyware vendor is the latest victim of a data breach, the Detroit Zoo is investigating a potential data breach, a new study shows security gaps in vendor risk management and in this week's Rippleshot blog post, we put together an infographic with ten data breach statistics that you need to know moving forward.

Illinois Insurer says software error resulted in data exposure

An Illinois-based insurer is alerting an undisclosed number of individuals after a software error caused emails containing sensitive information to be sent to the wrong insurance carriers. Trustmark Mutual Holding Company discovered on May 14 that a software error had caused each insurance carrier to receive a file attachment with names, Social Security numbers, and payroll information for all of the carriers’ customers. Since then, Trustmark has contacted each of the insurance carriers it serves and requested that each carrier confirm that the file attachment and emails were deleted. 

While Trustmark believes that the risk for said compromised information to be used fraudulently to be low, the company is offering identity protection services to all those affected for two years. 

Spyware vendor hacked: Suspends Software usage

Earlier this week, spyware and surveillance software maker Hacking Team confirmed that it had been the victim of a hacking attack. Hacking Team provides spyware capabilities to law enforcement and government agencies across the globe. According to files released over the weekend, Hacking Team has sold its software to organizations in the United States, Bahrain, Russia, Spain and Sudan. The Italian software company is advising its users to suspend any activity with the software until a full investigation can be completed. 

Detroit Zoo Investigating potential data breach

An investigation is currently underway involving the Detroit Zoo and a potential data breach affecting the zoo’s gift shop. Officials with the Detroit Zoo have released a statement indicating that a third-party operator of the zoo’s concession and retail shops experienced a POS data breach between late March and late June of this year. The Detroit Zoo’s third-party vendor, Service Systems Associates, Inc. (SSA) confirmed that the data breach had occurred on its POS systems and is currently working with law enforcement and a forensic investigator to understand the full scope of the breach.

Study Shows security gaps in vendor risk management

Wednesday, the Shared Assessments Program and Protiviti released a new study covering an organization’s risk regarding vendor risk management programs. In the “2015 Vendor Risk Management Benchmark Study,” researchers found that many companies currently fail to meet guidelines regarding vendor risk management despite the all-encompassing industry standards. Despite a growing concern with the latest cybersecurity threats, risk managers and IT professionals note that their organizations are not investing enough resources to help ensure that security best practices are being followed and maintained. 

To view a copy of the Protiviti’s latest study, click here

Rippleshot Content: Ten Data breach statistics that should have your attention in 2015

In this week’s Rippleshot content, we’ve created an infographic with ten data breach statistics that should have your attention in 2015. After the publishing of the Trustwave 2015 Global Security Report and the 2015 Ponemon Institute Cost Of A Data Breach Study, these ten stats will help shine a light on how data breaches affect organizations of all sizes ranging from the cost of lost business due to a breach, the average days from breach intrusion and detection and much more.

Check out our latest infographic and be sure to visit our knowledge center for the latest Rippleshot offerings! 

SHARING IS CARING. TO GET YOUR FRIENDS AND COWORKERS SUBSCRIBED, SEND THEM HERE.

 

New Call-to-action  

Topics: Data Breach Ripples