Into the inbox plops another set of embarrassing security breaches at prominent companies or organisations….
Each morning one of the colleagues in my team sends an email informing us about any significant cyber security news. As a B2B technology PR firm with some significant clients operating in the cyber sector, it is of course essential for us to stay abreast and ahead of the curve, so we can use news of any breaches or security developments to secure opportunities for our clients to contribute to the news agenda.
But as conscientious as she is, my colleague seldom has to look too hard to find incidents in which personal data, passwords, cash or important intellectual property have been stolen by hackers.
On Thursday, for instance, we learned that social media site Reddit suffered a data breach but refused to disclose its scale. The breach was discovered in June when hackers obtained usernames and corresponding email addresses – information that could make it possible to link activity on the site to real identities. Encrypted passwords from a separate database of credentials from 2007 were also taken.
Reddit said it would inform those affected by the loss of historic data but would not be getting in touch with those impacted by the potentially much larger breach – a decision which led to criticism from prominent, independent security researchers. Their PR strategy was just to brazen it out and take a kicking from experts and academics.
Earlier in the week, Dixons Carphone announced that approximately ten times more personal data belonging to customers may have been accessed illegally last year than originally thought, affecting 10 million customers in all. Dixons, however issued an apology and is writing to those affected – a slightly different approach from Reddit, but still very embarrassing, given the massive size of the hack.
Seldom however, is there any news of police success against cyber-criminals, which is why the announcement, also on Thursday, that members of the Carbanak hacking group had been arrested was just as eye-catching as the hacking incidents themselves. This bunch has allegedly been responsible for theft of 15 million customer card details in the US, UK, Australia and France.
It’s heartening for international agencies led by the FBI to score a “success” such as this, but cyber-crime is not going to go away. State-sponsored hacking groups, Advanced Persistent Threats, darkweb vendors of exploit kits, political hacktivists and the traditional teenagers with personality problems are all at it and proliferating for a variety of different reasons.
But when you have a genuinely unique solution that really does tackle an important aspect of cyber security it can be very difficult to get your message across amid all the noise from the big vendors that surrounds any high-profile incident. That, we can say, takes the expertise of technology PR consultancy working with clients including Glasswall and the DMA UK, to ensure their message stands out from the crowd, resonates with the right audiences and adds value to the media reporting.