Should I be Afraid of Being Hacked?

New Perils in a Connected Worldby Stew Nelson

You bet your business you should!!  This company did…and lost.

I have been railing on you about the high cost of a data breach but this is the first company I know of that paid the ultimate price… Declaring bankruptcy! In late September Diginotar, a Dutch digital authentication company filed for bankruptcy after the company was hacked and valuable authentication certificates were stolen from their servers.

Without getting into all of the technical details about authentication certificates, you should note that in the wrong hands these certificates could allow a hacker to spy on e-mail accounts, set up phony websites, steal login passwords and worse yet destroy confidence in e-commerce in general. Over 500 certificates were stolen for domain names such as the CIA, Mossad, Facebook, Google, Twitter, Microsoft Update Service, Yahoo and Skype just to mention a few. Obviously, this was a very serious breach.

Weak passwords and other security lapses.

After the breach and independent consultant identified numerous security lapses such as weak passwords, lack of virus protection and out of date security patches for their core software. These lapses are inexplicable and contemptible for company playing such a vital role in e-commerce. The Dutch government quickly revoked their authority to issue authentication certificates and the company ceased operations almost immediately.

The parent company pays the price also!

Diginotar was purchased by a U.S., publically traded company Vasco Data Security (VDSI) not too long ago for over $13 million. I suspect and the stock market agrees that substantial write-offs will impact future earnings as Vasco’s share price has dropped almost 60% since the incident happened in mid-July.

Lessons learned.

Businesses must take data security seriously. The old adage “an ounce of prevention is worth a pound of cure” comes to mind. If you store data – you better secure it! After a hack if there is perceived negligence by your customers, competitors or state and/or federal regulators you’ll end up paying the price like Diginotar also.