September 2015 was a busy month for cyber security. From data breaches to cyber attacks and malware, approximately 34 cases of cyber security vulnerabilities were announced in the month of September 2015, a staggering number to say the least.
One of the most controversial US companies, Comcast, was the victim of a data breach that cost them over $33 million in fines. The data breach targeted the personal information of about 75,000 Comcast customers. Furthermore the 75,000 victims, who had specifically paid $1.50 per month to keep their personal information private, had their personal details publicly posted online. California’s attorney general, Kamala Harris, considered the matter a “troubling breach of privacy.”
Perhaps one of the more bizarre data breach incidents came when a young web developer, Alaxic Smith, did some digging on the Kardashian sisters’ websites. After discovering and unminifying a Javascript file found on Kylie Jenner’s website, Smith stumbled upon the ability to access names and email addresses of over 660,000 subscribed fans. This data breach was made possible by the fact that the website had an open API, not a closed one. The media firm behind the famous Kardashian’s website, Whalerock Digital Media, issued a statement that confirmed an open API was indeed the culprit. Although no payment information was accessible through the open API, it does strike fear in users that trust these sites to be of the highest level of security.
In upstate New York, a data breach of the health insurance firm Excellus BlueCross BlueShield affected over 10.5 million New Yorkers. Although the reports came about in September, the attack itself occurred in December of 2013. The Excellus BlueCross BlueShield data breach was not as constricted as the Kardashian breach, in terms of what kind of information was made public. While the Kardashian website breach, which was due to an open API, that allowed Alaxic Smith to identify the names and email addresses of more than 660,000 subscribers, the data breach that afflicted the health insurance provider Excellus BlueCross BlueShield gave much more information away. Hackers were able to access personal information, including name, date of birth, Social Security Numbers, mailing addresses, telephone numbers, member ID numbers, financial account information, and claims information, for over 10.5 million New Yorkers insured under Excellus BlueCross BlueShield.
For being such a giant in the health insurance industry, one would assume that they would have much stronger security measures in place to prevent such a breach from ever happening. The issue with this sort of assumption is that companies do not always equip themselves with the sort of security measures needed to prevent data breaches and malware from accessing their sensitive information. In the age of big data, assumptions like these are dangerous and can be detrimental, as in the case of the data breach of 21.5 million individuals that were associated with the United States Office of Personnel Management.
Unfortunately, for many companies that harbor large amounts of sensitive and personal information, they’ve taken a softer approach to creating a safeguard against cyber attacks. 34 reported cyber attacks and data breaches in one month can be identified as a crisis by some standards, especially when the bulk of those attacks are targeting various industries and various companies with which we are associated. When the old data security measures are no longer enough, it becomes pertinent for organizations, both big and small, to employ new data security tactics that can protect the vital information of their employees, clients, and customers.
The days when antivirus software was sufficient to safeguard our computers are long gone. Greater data security measures that can prevent large cyber attacks involves layers of protection. For Kanguru, this became evident early on and has been an attribute found in all of their secure data storage devices.
The line of Kanguru secure data storage devices such as the Kanguru SSD300™ and Kanguru HDD300™ are equipped with multiple layers of security. Aside from the onboard antivirus software that comes standard on all Kanguru devices, they have four flash storage devices and two external hard drives that have achieved FIPS 140-2 Certification. Data storage devices that are FIPS 140-2 certified are regarded as being extremely secure and exceed most governmental regulations and standards, making Kanguru devices safe to use in governmental, health and medical, educational, and financial organizations. In addition, all Kanguru devices also have 256-bit AES Hardware Encryption, which works to scramble the data stored on the device and prevent it from being readable. Combine all of these heavy duty security measures into one device, and you have a Kanguru secure data storage device.
For more information, please contact us or visit https://kanguru.com/ .