The Sony breach, which compromised nearly 50,000 employee Social Security numbers, healthcare records, salary information and private email correspondence, serves as a warning to other businesses that cybersecurity is of the utmost importance.
“That is concerning not just for the movie industry but for all industries within the U.S. economy or world economy,” said security expert Frank Mong to the LA Times, speaking of the Sony breach. “Now you have to operate under the mind-set that my email is not confidential. We should all live with a little more paranoia when we do these things — ask, ‘Is this really legitimate?’ Should I really be clicking that?”
Although there seems to be a fair amount of breach-fatigue setting in, Americans are still concerned about the security of their information, particularly after the Sony hacking. It seems that one year of free credit monitoring is no longer satisfying individuals who have had their sensitive personal data exposed on the internet. Groups from Target to Home Depot are going to have to handle lawsuits, legal fees and lost customer trust in the coming years.
Sony is no different in that it is facing significant backlash as a result of the breach. Already employees have filed four class-action lawsuits against the company, claiming that the organization neglected to defend its employees’ information even after previous data breaches and several security warnings issued by third-party firms.
CNN reported that one of those complaints describe the breach as “an epic nightmare, much better suited to a cinematic thriller than to real life, is unfolding in slow motion for Sony’s current and former employees: Their most sensitive data including over 47,000 Social Security numbers, employment files including salaries, medical information, and anything else that their employer Sony touched, has been leaked to the public, and may even be in the hands of criminals.”
The employees’ data has been scrubbed from the internet, but their lawyers have submitted that once information is leaked privacy can never be fully recovered. As a result, those individuals who have been exposed will have to guard against identity theft for the rest of their lives.
This last year was a major one for data breaches of all magnitude, and security experts are predicting that 2015 will be no better.
PCI regulations are requiring retailers to convert to an EMV chip-and-PIN payment system by October of 2015, which is more secure than the swipe credit card arrangement that is still used for the most part in the United States. This should decrease the number of breaches that occur after October, but this also means that hackers are facing a closing window of opportunity when it comes to American retailers. Security professionals are predicting that cybercriminals will increase the number of attacks before October, in an effort to steal the most information possible before businesses become PCI compliant.
As a result of this forecasted increase in hacking activity, businesses are expected to strengthen security systems and invest more funds into defensive measures that were perhaps lacking in the case of Sony.
If you own or operate a business, then the beginning of the new year is the perfect time to evaluate your internal security practices and how you can make your company even stronger. The security of your employee and customer information is more than worth the investment in time and money that a simple upgrade to your point of sale and inventory system will cost you. Take care of it today so you can enjoy a productive and hassle-free 2015.