Consumers aren't the only ones affected by massive data breaches. Businesses get hurt as well, and in many cases suffer significant damage.
A case in point is the auto industry, which spends billions on research and development to make its production lines as efficient as possible. These trade secrets are closely guarded. At least, they should be.
But the New York Times reports a security researcher came across reams of confidential auto industry documents this month, in plain view on the internet. The documents covered a Who's Who of the auto industry – every major manufacturer, and even some minor ones.
So how did the documents get there? The Times reports the exposed car companies all had one thing in common – they had all had some kind of fairly recent contact with a small Canadian firm called Level One Robotics and Controls.
In an interview with the newspaper, researcher Chris Vickery said the exposed documents included everything from detailed blueprints and factory schematics to contracts, invoices, and work plans. In short, just about any information a competitor would like to get its hands on.
Data breaches affecting consumers often begin with a small company that a much larger company is doing business with. If you recall the Target payment card data breach in 2013, it had its roots in a security flaw in one of Target's heating and air conditioner vendors, whose system was breached, giving the attackers access to the retailer's payment terminals.
A recent survey by FICO does not provide a lot of comfort, since it suggests a majority of businesses are confident their systems are secure against attack. It could be a case of overconfidence.
Sixty-eight percent of American companies in the survey said they are better prepared for data breaches than their competitors — up from 60 percent last year. According to FICO, utility companies are the most confident, and least realistic, about their security.
"Firms have a lot to lose when it comes to their privacy and security risk and must have an accurate picture of how protected they really are," said Doug Clare, vice president for cybersecurity solutions at FICO. "These figures point to the fact that many firms don't know how they compare against to their competitors, which could lead to an under-investment in cybersecurity protection.”
It may be some comfort that the survey suggests your bank is among the least confident about its network security. FICO says companies in the financial industry are the most realistic about the threats they face, and as a result, may be better prepared to meet them.