News: Consumers faced an onslaught from cyber attacks this year.
It’s been a dramatic year in cyber security, with consumers baring much of the brunt. Here are some of the biggest cyber attack affecting consumers in 2015.
1. Carphone Warehouse Hack
The attack on the mobile phone supplier resulted in 2.4m customers’ having their data breached. This included addresses, date of birth and names, as well as 90,000 encrypted credit card details. The attack on the IT department also affected OneStopPhoneShop.com, e2save.com and Mobiles.co.uk amongst other associated firms.
As well as failing to protect the data, the firm took 72 hours to alert customers to the fact they had been breached too, which did not help keep them onside, or gain them much respect from the cyber security community.
Although the final count of 156,959 TalkTalk customers who had their data stolen was better than the 4m first feared, it was still a major theft of consumer data. It was done by taking the firm’s website with a DDoS attack. The fallout will cost the firm around £35m, not to mention the damage down to customer trust given that this was not first significant breach affecting the firm in recent times.
Dido Harding recently took responsibility for the attack when she faced MPs, saying ""It really does come back to the CEO and the board: was there sufficient oversight in terms of the security policies, the resourcing of the technology team to implement those policies and the knowledge and understanding of best practice?"
Nearly 8m customers had their data stolen when the firm that services online gambling was hacked. This was split up between 3.6m NETELLER accounts and 4.2m Skrill accounts. NETTELLER was hacked by exploiting a vulnerability in the Joomla CMS.
The firm insisted that under 2% of accounts were active in the six months leading to November 2015, but the stolen data still put a huge number of people at risk. The Financial Services Authority was informed at the time of the attac, and an accounting firm was brought in to verify the results of Paysafe’s investigation.
This was the largest hack in which children were the victims. Initially it was thought that 5m children’s records were exposed when the Hong Kong toymaker VTech was hacked, but in the end it rose to 6.4m, including 727,155 in the UK. The breach happened on November 14th 2015, but it took 10 days for the firm to realise what happened, when they were contacted by a journalist.
The data stolen included childrens’ names, gender, birthdays, profile pictures and messages, raising serious child safety concerns. The firm potentialyl left thousands of of photos and chat logs on insecure. servers.
5. Experian – T-Mobile
A breach at the ratings agency led to the exposure of 15m T-Mobile US customers. The attackers remained in the system for a period of time, taking data from customers who had applied from Sept. 1, 2013 and Sept. 16, 2015. The stolen data included names, address, Social Security number, date sof birth, and a ID number. No wonder that T-Mobile boss John Legere said he was "extremely angry"…
Experian has since been hit by a class action lawsuit as a result of the breach.