When it comes to data security breaches, many organizations say, “That could never happen to us.” Unfortunately, the increasing frequency of data security breaches means that many of these organizations are wrong. Don’t believe it? Let’s take a look at a few recent security breaches.
In October 2013, the multi-billion dollar company, Adobe Systems, Inc., suffered a data security breach that compromised nearly 3 million records. Hackers were able to access customers’ IDs, encrypted passwords, names, encrypted credit or debit card numbers, expiration dates and other information related to their orders.
In October 2013, a Wisconsin hospital suffered a data breach when a laptop computer with unencrypted data was stolen out of an employee’s car. As a result, patients may have had their names, dates of birth, medical record and account numbers, providers, departments of service, bed and room numbers, dates and times of services, visit histories, complaints, diagnoses, procedures, test results, vaccines and medications exposed.
In September 2013, a dishonest hospital employee in Florida accessed patient names, social security numbers, dates of birth and addresses. Even though the employee was fired and will be facing criminal prosecution, this information may have been used to file fraudulent tax returns.
In September 2013, Columbia University Medical Center suffered a data security breach when an Excel file containing sensitive medical student information was accidentally attached to an email that was sent to students, faculty and staff.
In September 2013, a financial services firm suffered a data breach when a programming error allowed customers’ names, social security numbers and addresses to be viewed on the firm’s unrestricted website.
These recent incidents show that data security breaches can happen to any organization. This means that every organization must be proactive in protecting against data security breaches. Though protective measures should cover everything from the wireless network to the copy machine, organizations should also consider protecting against data security breaches with insurance.
Various cyber liability products are available to protect against privacy injuries, such as identity theft, and to cover the cost of complying with various data breach notice laws. Given the complexity of the risk, an experienced insurance agent should be consulted to ensure that adequate coverage is obtained. If you would like to learn more about insuring against data security breaches, contact us.
If you would like to learn more about preventing data security breaches, take our online course Information Risk Management: Strategies for Preventing and Mitigating Information Security Breaches.
If you would like to subscribe to our newsletters please click here.