AT&T. Advance Auto Parts.  Rite Aid.  What do all of these have in common? 

If you guessed “large companies which have experienced massive data breaches in the past few weeks,” you win the grand prize!  The Advance Auto breach impacted 2.3 million people – employees and job applicants alike.  Rite Aid’s breach was similar – about 2.2 million people.  In both of these cases, cybercriminals stole personal information about these users – names and addresses, DOB (in Rite Aid’s case), driver’s license information, and social security numbers (in the case of Advance Auto).  In the case of AT&T?  Well, it’s a just a shade worse – 110 million users (or “nearly all” of their customers!) had call and text records exposed.  Whoops! 

Note also that while writing this blog, we personally received a “your data has been stolen” note in the mail from Ticketmaster! 

We might glean any number of lessons from these breaches – the latest tactics used by the criminals, the holes in these companies’ cyber defenses, or various market and personal consequences of such massive breaches.  But what we’d like to point out is something slightly different:  the publicity of these breaches and what lessons SMB owners in the CSRA might learn. 

Ask yourself: why do we know about these breaches?   

You might not think the “why do we know” is an important question, but actually it is vital to understanding your own risk as a business owner.  We know about these breaches precisely because they are so massive and impact so many users.  You say, “Okay, so what?  Cybercriminals target these big brands all the time because they have the money.  Cybercriminals don’t pay much attention to me – I’m off their radar.  I’d be hearing more about this in the news if businesses like mine were being targeted.” 

So why don’t you hear about businesses your size being targeted?  Is it because they aren’t actually being targeted?  NOPE.  You do not hear as much about local and regional cyber breaches because, simply put, the size and scope of the breaches do not impact so many people across the country.  But these breaches are happening regularly in the CSRA and to businesses of your size. No business is going to publicize its own security breaches except so far as it impacts public relations.  Sure, a hacked business will (or should) tell their customers.  But local businesses in the CSRA are not voluntarily broadcasting their cyber security issues on local news channels, in local newspapers, or at local business meetings.  Advance, Rite Aid, and AT&T have to publicly acknowledge these breaches at to some point in order to neutralize negative perceptions of their national brand – people WILL find out.  Local businesses simply have less incentive to go public, and cybersecurity “watchers” have fewer incentives and resources to dig into local or regional cybercriminal activity. 

As a local business for 20 years, BIT Services is established in the local business community and is well-versed in the latest IT and cybersecurity trends. As a managed IT service provider, BIT Services can be your “ear to the ground” on local cyber threats.  In fact, we offer a FREE Network Security Assessment!  This assessment reveals weaknesses in your computer security that leave you vulnerable to cybercrimes like the ones above. (PRO TIP: after countless assessments, we’ve never found a network that DIDN’T have vulnerabilities!)   

Contact us at (803) 226-0837 or info@bitservices.us to schedule your FREE Network Security Assessment or to discover how we can help meet your business IT goals!