CSTI
    breachThe Commercial Era (2010-2019) Daily Briefing Landmark Event

    Cybersecurity Briefing: Major Breaches Shake Organizations on June 21, 2018

    Thursday, June 21, 2018

    Today, cybersecurity professionals focus on the fallout from a significant data breach reported by British Airways. The airline confirmed that personal and financial information of approximately 429,612 customers has been compromised. This breach occurred due to attackers exploiting compromised credentials from a third-party supplier, leading to unauthorized access to the airline's systems. Alarmingly, sensitive payment card information was stored in plaintext, raising serious concerns about data protection practices. This incident not only affects the customers involved but also triggers substantial regulatory scrutiny under the General Data Protection Regulation (GDPR). Organizations must recognize the implications of third-party integrations and the importance of safeguarding sensitive customer data.

    This morning, another cybersecurity challenge is highlighted within the healthcare sector. The Commonwealth Healthcare Corporation has reported unauthorized access to patient data due to vulnerabilities in their internal servers. This incident underscores the pressing need for enhanced security protocols in healthcare, which is often targeted due to the sensitivity of the personal data involved. The nature of healthcare data requires organizations to adopt rigorous cybersecurity measures to protect patient privacy and maintain trust.

    In a related note, the upcoming disclosure of a data breach by Ticketmaster, set for June 27, draws attention to the risks associated with third-party applications. The breach is believed to have originated from a compromised live chat software, exposing personal data of customers worldwide. This incident serves as a critical reminder of the potential vulnerabilities that third-party services can introduce into an organization’s cybersecurity framework.

    These events reflect the ongoing vulnerabilities present in various sectors, particularly as organizations increasingly rely on third-party integrations. They also emphasize the necessity for improved security training and measures to effectively manage partnerships with third-party service providers. As we continue to navigate a landscape fraught with cyber threats, the implications for cybersecurity practices are profound, urging a reevaluation of risk management and data protection strategies across industries.

    Sources

    data breach GDPR third-party risks healthcare security