Oregon Department of Human Services (DHS): State agency of Oregon.
Risk to Small Business: Severe: Last Thursday, the Oregon DHS announced that it suffered a data breach after nine employees opened phishing emails and exposed their accounts to hackers. As a result, the social security and personal information of an undecided number of citizens could have been exposed. Along with having to inform the affected individuals, the state’s largest agency will be forced to upgrade security efforts and likely conduct cybersecurity training for employees.
Individual Risk: Moderate: The privacy breach could have included first and last names, addresses, DOBs, SSNs, and case numbers related to DHS programs. State residents should monitor their credit reports for possible payment fraud but will remain at risk.
Customers Impacted: To be determined
How it Could Affect Your Customers’ Business: In the wake of numerous phishing attacks resulting in privacy breaches, organizations storing personal information must take notice and begin protecting individuals. Employee phishing scams are entirely preventable with proper cybersecurity training, which can effectively mitigate the risk of breach. The case and ROI for phishing security solutions becomes intuitive when we consider the potential damages and costs.
In Other News: Why small businesses struggle with cybersecurity best practices
A recent report unveiled that almost 70% of companies have cybersecurity best practices in place but neglect to take the necessary steps for securing their business. The new study by ESET and Kingston Digital that surveyed 500 British business leaders also found that 44% do not even secure devices with anti-virus software, exposing themselves to cyber threats and GDPR fines.
The reason? A disconnect between the procurement teams responsible for providing equipment, IT teams who implement guidelines, and employees who follow them. To shift the paradigm, security professionals must work closely with other departments to avoid silos and use the right tools to ensure employee adherence.