12/30/2019 – 01/03/2020
Check if your account has been compromised on the dark web
Weekly Breach: 12/30/19 – 1/3/2020
This week, ransomware brings bad news for employees, dating app users endure a serious privacy breach, and too many companies are giving in to criminals’ demands.
In Other News:
Too Many Business Are Paying Ransom Demands
Ransomware attacks have been one of the definitive cyber threats of 2019, and, despite their growing prominence, business leaders are still struggling to determine the most effective response.
Unfortunately, many organizations are bending to hackers’ demands by paying the ransom to retrieve their data. In fact, the number of organizations giving in to extortion demands have more than doubled this year. In total, nearly 40% of businesses breached by a ransomware attack are paying criminals to decrypt company data.
This trend goes against the recommendations of law enforcement agencies and many cybersecurity experts who fear that ransom payments will embolden criminals to continue attacking businesses, schools, and government facilities. In addition, as we’ve noted in this week’s newsletter, making a ransom payment doesn’t guarantee that data will be recovered.
Of course, even those that don’t pay the ransom will not escape unscathed, as the cost of recovery can be as steep as the ransom itself. However, SMBs do have the power to protect themselves. By ensuring that their software is up-to-date and that their accounts are secure through simple features like two-factor authentication, they can take away many of the footholds that hackers use to infect businesses with this costly malware.
Georgia Supreme Court Gives Data Breach Victims the Right to Sue
Data breaches carry all kinds of expenses that can do serious damage to a company’s bottom line. That reality became more prominent this week when the Georgia Supreme Court ruled that data breach victims could sue for damages.
The verdict overturned an earlier ruling pertaining to a 2016 data breach at Athens Orthopedic Clinic, which endured a breach that compromised patients’ personally identifiable information that eventually made its way to the Dark Web. While the clinic moved to dismiss the case, the court ruled that victims could sue the company for damages.
Ultimately, the ruling underscores another financial front that businesses need to account for when considering the risks of a data breach, and it should encourage companies to get the support they need they need to ensure that they are keeping sensitive data secure.