So apparently everyone’s is getting hacked right now. If stories keep popping up this often, maybe its time to just start doing a weekly data breach post. Also, this much activity is totally justifying why we harp on the importance of Cyber Liability coverage. Just sayin’. Anyway, here’s what happened in the last week or two:
1. Fox News
As you can see by their cleverly “renovated” front page, Fox News’ website got hacked this week (or at least tampered with). Luckily for Fox, whoever made the changes on the homepage seemed to be in a joking mood and there have been no reports of an malicious interference with Fox’ servers/data. Look closely at the picture to see what you can pick out as edited. As a huge fan of The Walking Dead, I particularly love the “Zombie Day” edit.
Y-Combinator graduate MongoHQ was hacked last week, and unfortunately the company’s hackers were not in a joking mood. MongoHQ is a NoSQL database service that also ties in to Amazon Web Services. The hackers gained access to user data and even the company’s internal support application. How did it happen, you ask? It seems that an employee made a bit of a blunder and accidently gave his/her credentials away. I don’t want to say we told you so, but…we told you so.
As a result hack #2, Buffer (a MongoHQ user) was able to be hacked as well last week. This forced the social sharing company to actually freeze its platform until the security concerns were addressed. The Buffer team admits that it didn’t have as much protection in place as it should have and has adjusted security accordingly, but the damage was already done. The hackers were able to gain access to the user database and even several user accounts to send out spam posts on behalf of users.
There’s an interesting lesson to learn from looking at these 3 different data breach incidents. That lesson is that data breaches can come from many different sources. A disgruntled (or just bored?) intern can be just as likely to cause a data breach as a more expected source like inadequate security measures. You can (and should) protect yourself with all kinds of safeguards, but you can’t protect against everything. And that’s what Cyber Liability coverage is for.