“Nearly 9 out of 10 large organisations surveyed now suffer some form of security breach – suggesting that these incidents are now a near certainty. Businesses should ensure they are managing the risk accordingly.”
(Department for Business, Innovation & Skills 2015: 6)
This is not limited only to the private sector. In 2007, the UK governmental department HM Revenue & Customs (HMRC) was subject to a loss of discs that contained records of around 25 million people and were, in fact, a complete record of the government’s child benefit database. Data lost included names, addresses and dates of birth of children, together with the National Insurance numbers and bank details of their parents. The discs were password protected but the encryption used was weak and could easily have been broken.
Many breaches in the private sector involve credit card account information and customer credentials theft. One of the high profile cases of 2013 is that of the ‘Target breach’ that reportedly involved approximately 40 million customer records. The records contained financial data such as information on credit cards, and other information including the names and email addresses of 70 million customers.
The BBC keeps an up-to-date list of large global data breaches. Choose one of the recent breaches and investigate it using other online sources. Report back to your fellow learners on an aspect of the data breach that you think could have been prevented, or helped to prevent the attack.
Department for Business, Innovation & Skills (2015) Information Security Breaches Survey 2015: Full Report [online]. available from https://www.gov.uk/government/publications/information-security-breaches-survey-2015 [20 August 2019]
© Coventry University. CC BY-NC 4.0