In the security industry we often talk about industry trends with a detached, generalist viewpoint. It’s only when real incidents happen and follow-on fraud starts occurring that the impact of soaring cybercrime really hits home. This is an underground economy still on an explosive growth trajectory, welcoming new participants, and causing pain for countless victims, every single day.
Three recent incidents in Australia reminded local residents of this new reality. In all three cases, encryption appears not to have been used to protect critical personal information. Those companies may be feeling the financial and reputational impact of these breaches for many years to come. It’s another unfortunate example of what happens to organizations that don’t put data-centric security front-and-center of their risk management strategies.
What happened?
The three firms in question were telco Optus, wine merchant Vinomofo and retail marketplace MyDeal. Here’s what happened:
Optus suffered perhaps the most damaging breach. Over two million customers were impacted by a September cyber-attack after a threat actor took advantage of major security gaps to steal a wealth of personal…