|The Bitglass report stated that employee negligence and internal threats were the leading causes for general breaches / Photo by: Sergey Nivens via 123RF|
Some of the major security breaches to companies in recent years were due to external cyber attacks that "leveraged phishing, malware, and technical vulnerabilities," according to a report from cloud security firm Bitglass, affecting firm experiences and costing billions of dollars.
The Bitglass report stated that employee negligence and internal threats were the leading causes for general breaches, TechRepublic reports.
However, the major breaches that affected the most notable firms (and, by extension, their massive customer bases) are caused by external sources—showing that bigger companies may have to focus their efforts on stopping their attackers instead of worrying about unskilled employees.
One of the security breaches cited in the Bitglass report was the attack on the hotel giant Marriott Hotels. According to TechRepublic, the attack on the hospitality firm's Starwood Hotel branch exposed 387 million guest records that included, names, birth dates, gender, addresses, and even passport details. Marriott stated it was uncertain how the attack occurred and that it may have started as far back as 2014.
Another notable breach was the massive attack on social networking mammoth Facebook. The Bitglass report said the cause of the breach, which occurred in September 2018, was due to bad code. Two bugs in Facebook's privacy tool, along with one in its video upload software, led to the theft of private details such as usernames, gender, email addresses, location check-ins, and relationship statuses.
Bitglass said massive breaches as these ones have notable effects not only on customer data but also on the targeted company. Such attacks would cost companies an average of $347 million that in legal fees, penalties, and remedial costs, among others).
The report also found that affected companies suffered an average 7.5 percent loss in stock equivalent to a market cap loss of $5.4 billion.
There were other company breaches listed in the report with each attack, showing enterprise security professionals what they need to do to strengthen security as attacks are a constant threat to any business.