In the last two weeks, three large corporations have been victims of data breaches. Just days before Black Friday began, Amazon revealed that an internal technical error breached the names and email addresses of an unknown number of customers. On November 29th, Dunkin Donuts announced that their DD Perks Program experienced a data breach that gave out DD Perks Users usernames, passwords and emails. Finally on November 30th, Marriott announced that its Starwood Hotels (St. Regis and Westin are among those brands) had been hacked in a breach dating back to 2014! Some 500 million people who stayed in the hotels have had their personal information exposed. Of those 500 million, 327 million have had information including names, phone numbers, email addresses, passport numbers and dates of birth exposed. For millions of others, credit card numbers and card expiration dates were potentially compromised.
What Do These Breaches Have To Do With My Business
As a business, your biggest concern is for these data breaches is that many times, employees use the same passwords and even business emails to sign up for services from websites. While the Dunkin Donuts breach may be slightly more innocuous, the Marriott breach could expose an incredible number of business travelers’ information to the dark web. Even if you or your employees don’t use their work email addresses for online shopping or coffee clubs, the likelihood that they’ve used the same password for accounts across the internet is real. Once cybercriminals get access to password data, it’s a matter of time before they can gain access to your network and data in any number of ways. And once your credentials are compromised, your customer data could end up for sale on the dark web. When a hacker gains access to stolen data, there are many methods that can be used to gain access to your business.
How to Protect Yourself From the Dark Web
Most businesses take a reactive approach to these breaches and Dark Web threats. They believe the probability of falling victim to it is low, and if it does happen, they’ll take care of it when it happens. Be warned, this is a very expensive approach to security. Most data breaches aren’t detected immediately, and by the time they are, it could be too late. According to the National Cyber Security Alliance, almost 50% of small businesses have experienced a cyber attack, and as much as 60% of those hacked small and mid-sized businesses go out of business within six months of the attack.
A company that is unaware of a data breach can come off as incompetent or even uncaring. In 2017, credit monitoring firm Equifax exposed data for 143 million people, and their handling of the situation was an epic failure. This type of response to a breach shows that all businesses need to be more aware of the threats they are facing, and protect themselves accordingly. Here are a few ways you can protect your business:
- Believe Your Business Will Be Breached: Let’s face it, it’s not a matter of if, but when a business will be attached. In the past, hackers would target large businesses, but today small and mid-sized companies are considered equally as valuable. If you’re prepared for a data breach, you can create an effective strategy to make your data harder to interpret.
- Monitor the Dark Web Regularly: The sooner you find out that your company or employee data is on the Dark Web, the faster you can take action. Fraser offers Dark Web Monitoring services through our Managed IT group, and they can inform you immediately when company-specific data arises.
- Have a Plan: If your data is on the Dark Web, have a plan in place to minimize the consequences. Know specific risks that are particular to your business and create a step-by-step action plan. This will have you prepared for when a breach occurs.