Top 5 Cybersecurity Breaches in February

Whether it’s due to malware being found on payment devices or spoofed emails that lead to a data breach, companies are losing the battle to protect their crown jewel assets. It’s easy money to these hackers once they gain access to this information so they’ll continue to find new ways to bypass your security. Just look at the top 5 breaches reported in February.

Cloudflare: Never heard of Cloudflare? The company provides a content delivery network, Internet security services and distributed domain name server services for Fitbit, OkCupid, and numerous other customer websites. A vulnerability in its code was uncovered that caused extensive leaks of data from these customer networks. They estimated that the data leak was triggered over 1.2 million times over a five month span, ending on February 18th. The leak was also picked up by search engines and some of the data included session cookies that could be used by a hacker to log in to a user’s account without using their password. As of now, no malicious exploits have been uncovered as a result of this leak.

Arby’s: I’ll have the roast beef sandwich and please steal my credit card information… Malware was found on cash registers at Arby’s fast food restaurants, which may have resulted in the breach of more than 355,000 credit and debit cards from customers. The malware enabled hackers to remotely steal data from a credit card used at a cash register. The hack took place at Arby’s restaurants owned by the Atlanta, Ga.-based company, not its franchises.

InterContinental Hotels Group: InterContinental Hotels Group, the parent company for thousands of hotels worldwide including Holiday Inn, uncovered a credit card breach that impacted at least a dozen properties. Malware was installed on point of sale servers at restaurants and bars at these locations. Information that was obtained included the cardholder name, card number, expiration date, and internal verification code. The company stated that it is continuing its investigation to determine if other properties in the Americas region were impacted as well.

Amalgamated Sugar: The company quickly found that its employees’ personal information was compromised after a data breach. It was uncovered after a hacker posing as the Company’s CEO sent a spear phishing email to a corporate employee requesting copies of employee personal information. The company arranged to provide credit monitoring and identity theft protection services for employees.

Redmond School District: The Redmond School District in Oregon is dealing with a data breach after an someone impersonated the superintendent over email and obtained all employees’ names, Social Security numbers, mailing addresses and wage and tax withholding information. The breach only affects employees, not parents or students. Approximately 1,000 current or recently retired employees may have been impacted by this breach.

These breaches should be a red flag to all organizations. Whether it’s an inside threat or an external one, you need a better approach to protecting your company’s most valuable assets. Start by clicking here to learn how your cyber posture compares to other leading organizations.