We’ve been constantly warning you about the need for good cybersecurity policies that you actually follow. According to ZDNet, ransomware is the biggest threat to online security right now, and it’s getting worse. However, ransomware is by no means the only concern; a lawsuit following a data breach could also be a real possibility. According to a case recently filed in federal court, an online portal used to help people apply for unemployment benefits in Illinois allowed public access of applicants’ names, Social Security numbers and street addresses. The company that built and maintained this portal, Deloitte Consulting LLP, apparently created similar portals in Ohio, Colorado, and Arkansas, all with the same flaw. Interestingly, the lawsuit does not seem to allege any known, specific use of the personally identifiable information (PII), yet they lawsuit estimates damages exceeding $5 million. If this lawsuit is successful, it could substantially increase liability in cases where there is no direct evidence of actual use of PII, such as identity theft.
So what is the good news? The “Evil Corp gang” (yes that’s the real name mentioned in the article) attempted to target major corporations, including eight Fortune 500 companies, for a ransomware attack. However, the imminent attack was detected and blocked. The article is short details about how this occurred, but you can be reasonably sure that some savvy IT professional was monitoring their system and was able to stop the attackers.
Are your cybersecurity policies up to date? Do those policies include monitoring to detect possible cyberattacks? If you’re not sure, and you need help creating, reviewing, or updating those policies, don’t hesitate to contact us. If you have already been hacked, don’t delay in contacting us and/or your cyber insurance carrier.