No One Is Safe from a Database Breach

The recent spate of database breaches across the U.S. shows that no one is safe, not even the U.S. military. From Google to Bitcoin dealers, below are some of the biggest database breaches of 2013 so far.

1. Google: Operation Aurora, part of Chinese counterespionage efforts, has left an even more lasting impression after the discovery of a breach of one of Google’s internal databases that happened during the attacks in 2010. This particular intrusion was an attempt by Chinese hackers to learn which of its operatives U.S. officials were investigating.

The particular company penetrated used a system to archive information dealing with surveillance requests from law enforcement officials investigating Google users. It was this gathering of information into one area that made it easier for hackers to get the information they sought. This database breach goes to show that database managers also need to consider the value of any information to the attackers when doing any kind of risk analysis.

2. Bitcoin: Even in the dirty underbelly of the cyber underworld, cyber criminals still need a way to move money around. Bitcoins, a form of digital currency, have come to be a mainstay for cyber crime organizations to launder virtual currency with anonymity. Such activity has also led to the attack on the exchanges that control Bitcoins themselves.

Instawallet recently had to close up shop due to such attacks on its database, mainly because of fraudulent access. Such breaches provide a prime example of the need to fully secure such databases important to the operation of online currency exchanges, otherwise a shutdown could occur and irreparable harm done to the business in question.

3. U.S. Army: Another high-profile database breach deals with the U.S. Army and the nation’s dam sites. While the details remain murky on the intent of the individual seeking access, attackers used fraudulently obtained user credentials to gain access to a U.S. Army Corps of Engineers database containing critical details of dams across the U.S. The Army revoked the credentials but not before the information was exposed. Incidents such as these show that not even the most highly secured databases are safe, especially when dealing with access control issues.


For more information about the risks of database breaches, visit:
http://www.darkreading.com/database/5-big-database-breaches-of-spring-2013/240155864