The risk of data breach in global organizations
Cyber security and data breach are ranked as some of the highest rated threats to organizations according to the BCI’s Horizon Scan report 2017 and it’s up to organizations to take these threats seriously and implement mitigation measures according to their size, type and complexity. Failing to do this can lead to financial and reputational damage, as we’re seeing across the headlines this week.
Uber is facing this difficulty, as information regarding a data hack in 2016 comes to light, following another scandal relating to employee rights and customer safety.
As one legal case is slowly being resolved, Uber faces another hit as information on a major data breach which took place in 2016 has been exposed, revealing that Uber paid £75,000 to hackers to delete data that had been accessed. Not only that, they failed to report the breach to regulators which is an organizational requirement.
What does this mean for employees and customers? Uber has confirmed that all employees affected have been offered credit protection monitoring, however customers will not receive the same protection. It has been revealed that names, email addresses and phone numbers of around 50million customers were accessed by the hackers, as well as registration details of around 7million employees. The hackers used a platform which stores Uber’s information, creating their own accounts to download data.
A statement from Dara Khosrowshahi, the new CEO of Uber reads; “At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.”
Khosrowshahi also claimed that Uber is changing its ways. Considering the volume of Uber stakeholders and the lack of responsibility taken for the alleged scandals, is Uber doing enough to retain its employees and customers? What should both small and large organizations be doing to reduce the risks associated with cyber-attack and data breach to their stakeholders and protect their reputation?
The BCI would like to hear your feedback on this story and the ways you protect your organizations from data breach.
- Business Continuity
- Business threats and horizon scanning
- Resilience/ Organizational Resilience
- Information technology and Cyber Security