Before last week, chances are you’d probably never heard of iBahn, a Salt Lake City-based company that provides Internet services to hotel chains such as Marriott International Inc. Last week, however, the company suffered a disconcerting security breach at the hands of Chinese hackers that potentially exposed millions of sensitive corporate emails.
A recent Businessweek article by Michael Riley and John Walcotte outlines the attack: China-backed hackers broke into the iBahn network, potentially gaining access to millions of emails, including those that were encrypted and contained sensitive business information.
The attack of iBahn, a small company, is a change of tack for Chinese hackers, who in the past have set their sights on the Googles and Intels of the world. By cracking iBahn’s system, the hackers were potentially able to access entire corporate networks through traveling employees who used iBahn’s system while on business.
“They are stealing everything that isn’t bolted down, and it’s getting exponentially worse,” Michigan Representative Mike Rogers, chairman of the Permanent Select Committee on Intelligence, told Businessweek.
We certainly don’t mean to be ongoing bearers of data security doom and gloom, but there are security measures that can make a difference in the cloud — and multifactor authentication plays an important part.
TIMELINE OF RECENT SECURITY BREACHES:
- DECEMBER 14th: China-backed hackers break into iBahn network, potentially accessing millions of confidential emails
- NOVEMBER 30th: Duqu authors likely behind extensive C&C infrastructure wipe-outs
- NOVEMBER 10th: Valve’s Steam server hacked.
- JUNE 24th: Electronic Arts’ BioWare server hacked.
- JUNE 20th: Sega hacked – 1.3 million users had sensitive information stolen.
- JUNE 20th: Dropbox files left open due to bug.
- MAY 16th: LastPass database stolen.
- May 10th: Citigroup hack exposed the data of 360,000 accounts, millions stolen.
- APRIL 27th: Sony PlayStation Network hacked.
- MARCH 30th: Epsilon (email communications manager) had the email database for 26 companies – including Citi, Walgreens and BestBuy – stolen.