Data Breaches That Will Haunt You

Data Breaches That Will Haunt You

This year has been filled with some of the biggest data breaches in history, which is a truly horrific thought.

Halloween is a ghoulish time of year. AMC’s Fearfest is in full swing, Hollywood’s latest terror-inducing features open in theatres, and parties like “A Nightmare on Queen Street” and “Halloween Freakout” are organized. While Jason, Chucky, and Freddy were the nightmares of our childhood, these shriek coaxing monsters seem almost cuddly compared to the shackles of our identity, personal information, and credit rating. Whether you were a Boomer, horrified by Psycho and Rosemary’s Baby; A Gen X’er, terrified by The Shining and A Nightmare on Elm Street; or A Millennial kept up by Scream and Saw, none of those could have prepared you for the horrors of the modern data breach.


This year has been filled with some of the biggest data breaches in history, which is a truly horrific thought. It’s a nightmare for everyone involved, and it feels like we’re living in a horror movie. Maybe it’s more than a feeling, maybe we are living in a horror movie. If that’s the case, then tying these breaches back to common horror tropes (from should be relatively easy.


The Ominously Open Door
The open door, lurking just down the corridor is a common scene in movies, but, in horror movies, it always comes with a jump-scare. That door at the far end of the room is just slightly ajar but we all know it should be closed. Our protagonist approaches the door, the music intensifies, she pushes the door open and we all jump as we get a full view of the monster. Repeat after me, ‘Nothing good ever comes of open doors.’  This same trope can be applied to the Verizon breach in July. An open AWS S3 bucket contained data on somewhere between 6 and 14 million customers. It’s a reasonable assumption that this open “door” scared the Verizon customers whose data was leaked. Much like slasher films, where the same story is told dozens of times, this method of gaining access is not unique. Open AWS S3 buckets also led to the loss of 1.3 million student records from data warehousing company Schoolzilla and more than 9,400 resumes from applicants to the security firm TigerSwan.


Anyone Can Die

You never know who is next in the movies. It could be any character at any time. Not only people but animals are also a possibility, so you have to expect the unexpected. Whether you have one scene with no lines or appear in the entire movie with a 15-minute monologue, no one is safe. Just as you think that the last of the heroes will make it out of the haunted house, a glint of an axe on the camera reminds you, “No One Is Safe!” The same is true in the data breach world, just ask the victims of the Edmodo breach. The data of 77 million users was exposed, which is considered to be the largest breach of K-12 student data in history. Data breaches don’t just impact adults, everyone’s data is fair game to malicious actors.


Absurdly Ineffective Barricade

We’ve all seen this. Running from the monster, our hero ducks into a room and slams the door. He wedges a small chair under the door handle and breathes a sign of relief. Moments later, the door and chair fly across the room as the monster smashes its way in. The more applicable instance, however, is the bumbling band of misfits that pile every item in the room against the door, step back, proud of their accomplishment, only to turn around and see the monster enter the open door at the opposite end of the room. You can have all the security you want in place, but one opening anywhere is enough for our horror movie villain – and hackers – to get in. Take Equifax, for example, where a single overlooked vulnerability resulted in the exposure of the personal data of 143 million people and more lost sleep than the entire Nightmare on Elm Street franchise.


The Calls Are Coming from Inside the House

From 1979’s ‘When a Stranger Calls’ to Drew Barrymore’s iconic opening scene in Scream (1996), this is a well-known and oft-used trope. In the days of cell phones, this doesn’t quite have the same scare factor but many of us remember how scary the idea of picking up the phone and finding out someone was calling from inside the house was. In the days following the release of Scream, babysitters were more vigilant than ever before. While not tied to a specific media worthy breach, the risk from insiders permeates enterprises. According to Verizon’s “2017 Data Breach Investigations Report” more than 14% of breaches involved insiders or privilege misuse. That number is frighteningly high.


Camp Unsafe Isn’t Safe Anymore

Relax! We’re safe here… at least until we aren’t. You find a room, you take refuge, knowing that the movie’s killer can’t catch you here and then, suddenly, someone realizes that he can. It was never safe, even when you thought it was. This feels like an overarching theme in the security world. Vulnerabilities always exist, even before they are discovered and every safeguard we make is ultimately flawed in some way. This year, we saw multiple breaches where the aftermath involved MD5 hashes of user passwords being released. This involved both 715K members of PoliceOne, a LEO community, and 700K members of, a font sharing website. MD5 was never really safe, it just took many years for someone to say “Hey, this doesn’t feel very safe,” and many more before anyone demonstrated just how unsafe. At least in the movies, our protagonists know to run when this is said but, in this case, these sites continued on with the broken and insecure hashing algorithms.


So, maybe we are living in a horror movie, maybe nightmares are haunting us every day. Statistics for the first half of 2017 put the breach count at 5 breaches daily[1]. If you aren’t scared, you should be. Unlike horror movies, we can’t turn on the lights at the end of the show and remind ourselves that it’s a work of fiction. This is real life and the numbers are scarier than anything Hollywood has ever dreamed up.


  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Protecting Data is Critical

    To say that the Internet of Things (IoT) has become a part of everyday life would be a dramatic understatement. At this point, you would be hard-pressed to find an electronic device that is not connected to the internet. Read Now

  • Mobile Access Adoption

    Smartphones and other mobile devices have had a profound impact on how the world securely accesses the workplace and its services. The growing adoption of mobile wallets and the new generation of users is compounding this effect. Read Now

  • Changing Mindsets

    We have come a long way from the early days of fuzzy analog CCTV systems. During that time, we have had to migrate from analog to digital signals. When IP-based network cameras arrived, they opened a new world of quality and connectivity but also introduced plenty of challenges. Thankfully, network devices today have become smart enough to discover themselves and even self-configure to some degree. While some IT expertise is certainly required, things are much smoother these days. The biggest change is in how fast security cameras and supporting infrastructure are evolving. Read Now

Featured Cybersecurity


New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3