CSTI
    breachThe Commercial Era (2010-2019) Daily Briefing Landmark Event

    Year-End Cybersecurity Briefing: Breaches and Vulnerabilities Mark 2019

    Saturday, December 28, 2019

    Today marks the end of a tumultuous year in cybersecurity, characterized by a staggering number of data breaches and vulnerabilities. In a disclosure published earlier today, reports indicate that 2019 witnessed a total of 5,183 data breaches, exposing approximately 7.9 billion records. This represents a significant 33% increase in breaches compared to the previous year, with the healthcare sector notably impacted due to unsecured systems and databases.

    Overnight, news broke that T-Mobile experienced a breach affecting over a million customers, compromising personal data such as names, addresses, and phone numbers. Fortunately, no financial data was reported as exposed, but this incident raises concerns about the security of customer information at major telecoms. Such breaches not only undermine consumer trust but also highlight the ongoing challenges in data protection within the telecommunications industry.

    In another alarming incident, Sinai Health Systems reported that thousands of patient records were compromised due to the hacking of two employees' email accounts. This breach exemplifies the risks associated with human error and inadequate email security, where sensitive patient information can be easily accessed by malicious actors. The healthcare sector continues to face scrutiny over its cybersecurity practices, particularly in light of the vulnerabilities that have been exposed this year.

    Additionally, a critical vulnerability in Microsoft Outlook for Android has come to light. This flaw could allow attackers to steal sensitive information and facilitate phishing attacks, further emphasizing the importance of securing mobile applications. The rise in mobile device usage necessitates a closer examination of security practices in app development and maintenance to protect user data effectively.

    Phishing scams have also evolved, as evidenced by reports of fake WebEx meeting invitations being used to deliver malware. Such tactics reflect the increasing sophistication of cybercriminals and the need for organizations to educate employees on recognizing and responding to phishing attempts.

    The broader implications of these events indicate a pressing need for organizations across all sectors to enhance their cybersecurity measures. Poor security practices, such as failing to encrypt sensitive data and leaving databases unsecured, have been the root cause of many breaches this year. As we move into the new year, a renewed commitment to cybersecurity awareness and robust security protocols will be vital in mitigating risks and protecting sensitive information from future breaches.

    Sources

    data breach cybersecurity T-Mobile Sinai Health Systems Microsoft Outlook phishing