Top 5 Software Glitches and Breaches of 2018
The year 2018 saw its fair share of glitches and breaches in the world of security. We take a look at the top five such incidents.
Join the DZone community and get the full member experience.Join For Free
Industry reports estimate that over a billion people have been affected by software failures and glitches occurring across various industries and domains. The 2018 Software Fail Watch report from Tricentis, an analysis of the software failures, defects, and vulnerabilities covered by news organizations from around the globe, investigated 606 failures that affected over 3.6 billion people and caused $1.7 trillion in lost revenue. Interestingly, the report further states that 'Retail and consumer technology industries experienced the most software failures of any industry analyzed, making the news an average of 19 times per month.'
We have put together the top five software glitches and breaches in 2018 that sum up the growing concerns around cyber threats and software failures that are expected to affect almost every industry.
1. Google Shutting Down Google+
In a recent development, Google announced its plans to shut down Google+, a consumer version of its social network. This happened after they announced that data of almost 500,000 users was compromised due to a bug that was present for more than two years. At the same time, the company mentioned that there was no evidence of misuse of any kind of data or any scope for vulnerability. It has been reported that Google will be shutting down Google+ consumer version over the next 10 months.
2. Equifax Data Breakdown
Equifax breakdown has been one of the most prominent data breaches, where sensitive data of millions of Americans got exposed. It included passport details, drivers license details, social security numbers, and much more. This affected the data of over 146 million consumers. The disclosure was made by the Securities and Exchange Commission and given to congressional committees who were investigating the breach.
Incidents such as these prominently estimate the growing significance of Digital Assurance and Testing in the overall QA scheme.
3. Facebook's Data Scandal
Facebook's data breach that was reported and disclosed in March 2018 was powered by a political data firm named Cambridge Analytica. The firm collected personal information of about 50 million Facebook users by using an app that was able to scrape details of the user's personalities, social networks, and other engagements on the social network. Since then, Facebook has been facing scrutiny via various data sourcing applications such as Nametests.com.
Incidents such as these lead to a serious dent on the brand's reputation, resulting in numerous interrogations and media confrontations. Losing out on the brand's credibility is one of the scariest things that any business can face. Hence, a lot of focus is being diverted on not only ensuring performance but also on validating the security of the platform.
4. Sacramento Bee Records Breach
As many as 19.5 million records were breached from the two databases owned and operated by The Sacramento Bee, a daily newspaper published in Sacramento, California. These IT assets comprised the California voter registration data that was provided by California's Secretary of State. Apart from this, it also included the stored contact information of the subscriber base for the newspaper. The attacker demanded a ransom for releasing this data to the organization. Ultimately, the daily deleted the database to avoid any further risks and attacks.
Ransomware attacks have been one of the most prominent kinds of attacks on all segments of organizations in recent history. These risks are increasing, reinforcing the need for robust security testing and data safeguarding measures.
5. Ticketfly Gets Vandalized
In May 2018, Ticketfly confronted an attack that vandalized its concert and sporting-event ticketing website. This resulted in total disruption almost for a week when the website had to be taken down. Apparently, the hacker had alerted Ticketfly about a vulnerability and had asked for a ransom to get it fixed. Eventually, when the company refused the same, the website was hijacked and the homepage was replaced with customer and employee data. The data was pretty sensitive, which included, names, addresses, email addresses, and even phone numbers of as many as 27 million Ticketfly account holders.
Published at DZone with permission of Hiren Tanna, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.