Your Business Community Logo

Call Us On 0333 358 3399

Join Now Button

Monday, 11 April 2016 14:54

What are the causes of the recent 'mega' hacks?

Written by
In the past few days, there have been reports of hacks involving the personal information of more than 50 million Filipinos, 49 million people on the Turkish citizenship database and 11 million documents held by the Panama-based law firm Mossack Fonseca. The actual causes are still not known, but the use of out-of-date or incorrectly configured software along with the possibility of some insider help are more than likely.

For the Panama papers hack, the use of unencrypted emails and old versions of WordPress on the website and Drupal for the portal used by customers to access sensitive data, have been highlighted as possible causes. The other two hacks appear to have been via websites, which could be the result of incomplete testing or the setup of the hosting environment.

Even without firm evidence of the causes, there are two obvious lessons for all businesses:

  • Make sure you are running the latest versions of software - in your office, on your website and any portals for staff or client use
  • Seek advice on what technology and processes are appropriate for the information being handled. For example, if you have a website that handles client and/or personal data get assurances from the developer that it has been properly tested¬†- ideally with a 'penetration test' that looks for flaws that can be exploited by criminals - and data is encrypted so if an unauthorised party did get access they could not read it

References

Outdated and Vulnerable WordPress and Drupal Versions May Have Contributed to the Panama Papers Breach

The massive Panama Papers data leak explained

Read 1005 times Last modified on Monday, 11 April 2016 21:48
Login to post comments