
Year in Review: Top Security Fails of 2021
Jan 3, 2022

A lot has changed in the last two years about the way we do business. The job of the IT administrator, operations manager, human resources, or a tech team within an organization has officially been turned upside down. “Standard” protocols now include things that weren’t exactly standard before 2020.

We begin 2022 with many failures we can learn from after navigating the Covid-19 pandemic. But even outside of the pandemic, we’re learning that security breaches are occurring at a rapidly increasing rate, and, frighteningly, the majority of them are a result of vendors external to the company itself.

From healthcare facilities to financial institutions and beyond, the bottom line is that businesses employ people and people make mistakes. That’s why it’s critical to surround ourselves with experts who help fill in the gaps as we continue to navigate a new normal and implement technologies to improve the operations of our business.

So, what does this look like? Perhaps it’s a consultant who understands the nuances of HIPAA compliance or, at minimum, what it takes to protect confidential information in all areas of our business. Maybe it’s doubling down on human resources and IT team members to accommodate an increase in remote staff. Or, maybe it’s taking a hard look at the processes in place in your business and asking yourself the question: why are we doing it this way?

Data breaches are more likely to occur when we let our guard down, getting too comfortable with doing things the way they’ve always been done. When our teams are overworked, tired, or stressed, important details and processes can fall through the cracks. Leading empowered teams doing purposeful work, rather than dealing with the headache of antiquated systems, is a critical factor to success in the coming year. Let’s look at some data breaches of 2021 and use them to learn from, setting ourselves up for a better, more secure 2022.

Healthcare

According to Healthcare IT News (healthcareitnews.com), 44 million patient records have been compromised in the last year. We mentioned in a previous blog post about personal privacy that, in a single act, a former NY hospital employee was charged with violating the protected health information (PHI) of 13,000 patients. That may seem small compared to the Florida Healthy Kids Corporation, which realized that vulnerabilities had been impacting its patient records since 2013, leading to the exposure of private information of over 3.5 million individuals.

Arguably the worst healthcare breach was that of firewall vendor Accellion, which significantly impacted many companies, including The Kroger Co. Kroger was utilizing Accellion’s file transfer application.

Social Platforms

A number of social media platforms experienced significant breaches this year. The Amazon-owned social platform Twitch confirmed a massive data breach that disclosed confidential information, including how much the platform’s top streamers were paid. The issue, according to Twitch, was “a server configuration change accessed by a malicious third party.” The company also experienced a major security issue in 2015, so ongoing precautions taken by the organization could be in question.

Both Facebook and LinkedIn discovered leaked databases. On Facebook, 533 million accounts were affected. On LinkedIn, the leak covered 700 million accounts and included personal information, including names, email addresses, and geographical locations.

Automobile Industry

Auto manufacturers Audi and Volkswagen both experienced a breach affecting 3.3 million customers and prospects. Years’ worth of data from both companies was left unsecured, and in March of 2021, it left social security information, driver’s license numbers, and more at risk.

Not only do automotive companies put the data of their customers at risk when an attacker strikes, but there are hundreds of past reports that prove security breaches can occur within the vehicle’s technology itself, which can affect the physical security of those who drive them.

Protect Your Business

Earlier this year, Security Magazine reported that banks saw a 1,318% increase in ransomware in the first half of 2021. When technology stays the same year over year, the consequences of broken, fragmented systems can have an extremely negative impact on a business. Leadership at every organizational level should constantly challenge their methods, systems, and processes to make – and budget for – improvements.

Botdoc helps organizations give their customers a better experience with a simple, fast and secure way to exchange confidential information. And oftentimes in just a short conversation with a Botdoc team member, we can quickly identify ways to improve a broken, fragmented customer journey and turn it into a more secure, easier process. In fact, Botdoc is the only provider offering a simple, seamless, and secure way to exchange data without the use of logins, PINs or passwords.

Interested in learning more about Botdoc? Let’s start a conversation today.

 
