April is shaping up to be a big month for data breach revelations. High profile incidents include the BeautifulPeople dating site (1.1 million users compromised), Lifeboat gaming site (7 million accounts), essential oils seller doTerra (3 million customers) and Spotify (extent unknown), to name a few.
The consequences are getting higher: states including Tennessee and Nebraska are the latest states to enact data breach legislation. Other states recently adopting tougher data security laws include Connecticut, Rhode Island, Oregon, Washington and Nevada. And a federal appeals court ruled that a class-action lawsuit may proceed against P.F. Chang’s over a 2014 breach.
This week, Verizon published its 2016 Data Breach Investigations Report which includes some alarming statistics: 85% of successful exploits involve ten known vulnerabilities, including outdated security patches, weak passwords and lack of basic data security practices.
There is more work to be done.
Sign up to receive a weekly email summary of my blog posts.