Cyberattacks are happening more often and every single day. Statistically, one in four people are affected by a cyberattack every sixty seconds. And to think this is just the beginning!
Last year, darling company Uber suffered a very large-scale in October 2016. The data from over 57 million customers and drivers was exposed, and like so many other companies, Uber tried to cover it up. The new CEO thought this was relevant for the world to know and he made the information public on Nov 21 2017, days before their busy Thanksgiving season.
In the statement, Dara Khosrowshahi, CEO of Uber stated:
“Our outside forensics experts have not seen any indication that trip location history, credit card numbers, bank account numbers, Social Security numbers or dates of birth were downloaded. However, the individuals were able to download files containing a significant amount of other information, including:
– The names and driver’s license numbers of around 600,000 drivers in the United States. Drivers can learn more here.
– Some personal information of 57 million Uber users around the world, including the drivers described above. This information included names, email addresses and mobile phone numbers”
He went on to provide a link to their “Uber Help” web portal with information for riders (which can be found here: https://help.uber.com/h/12c1e9d1-4042-4231-a3ec-3605779b8815). In that link they encourage all riders to monitor their credit status but do not believe anyone needs to take action.
Uber supposedly paid someone $100,000 to hide the data breach and delete the data, with many people blasting Uber for trying to cover this up. But, are they really at fault?
Security is something we still take for granted in todays day. Many of us do not realize that our information is literally “out there”. We trust these brands to protect our data and to keep us safe, yet can they really afford to? I guess we should also ask if they really can afford NOT to. Ironically, we also believe that companies should protect our data but that it shouldn’t cost us any more money for their services.
So how do companies protect the data we’re entrusted with to mitigate cyberattack risks? Some would say “write bigger cheques and spend more money on the latest and greatest technologies and services”. Although there is some merit to putting the best at work for you, leveraging the latest and greatest tools, the truth is that cyberattacks are getting more complex, and the attackers are getting more creative.
What if companies took a step back and looked within first. Doing simple things like avoiding unknown clicks, not going to unknown websites, and focusing on working instead of surfing usually are three great tips that most IT departments advocate.
The other side of the issue is the damage that a brand can suffer from a cyberattack of the likes we are seeing these days. Each of us need to consider the impact that something like this really has on a brand. Aside from the obvious, think about how distracting this is for a company (not focusing on what the company really does, yet trying to mitigate disaster and minimize impact).
What about the disruption on company performance? Or eroded trust the company will endure. What about the damage to the trust a team can feel for one another knowing that someone caused the whole company the grief?
We all have a responsibility above and beyond the IT department’s efforts. As an employee of a company, that click could be the end of your company. We all need to be more aware of our actions and the devastation that one employee can have on a company.
A client of Infinite IT advocates to all his users in the company to “THINK BEFORE YOU CLICK”. Four simple words that could literally impact the viability of any company.