Top 5 Software Glitches and Breaches of 2018Cigniti Technologies
Listen on the go!
Industry reports estimate that over a billion people have been affected by Software failures and glitches occurring across various industries and domains. The 2018 Software Fail Watch report from Tricentis — an analysis of the software failures, defects, and vulnerabilities covered by news organizations from around the globe — investigated 606 failures that affected over 3.6 billion people and caused $1.7 trillion in lost revenue. Interestingly, the report further states that ‘Retail and consumer technology industries experienced the most software failures of any industry analyzed — making the news an average of 19 times per month.’
We have put together top 5 software glitches and breaches in 2018 that kind of sum up the growing concerns around cyber threats and software failures that are expected to affect almost every industry.
1. Google shutting down Google+
In a recent development, Google announced its plans to shut down Google+, a consumer version of its social network. This happened after they announced that data of almost 500,000 users was compromised due to a bug that was present for more than 2 years. At the same time, the company mentioned that there was no evidence of misuse of any kind of data or any scope for vulnerability. It has been reported that Google will be shutting down Google+ consumer version over the next 10 months.
2. Equifax data breakdown
Equifax breakdown has been one of the most prominent data breaches, where sensitive data of millions of Americans got exposed. It included passport details, drivers licence details, social security number, and much more. This affected the data of over 146 million consumers. The disclosure was made by the Securities and Exchange Commission and given to congressional committees who were investigating the breach.
Incidents such as these prominently estimate the growing significance of Digital Assurance and Testing in the overall QA scheme.
3. Facebook’s Data Scandal
Facebook’s data breach that was reported and disclosed in March 2018 was powered by a political data firm named Cambridge Analytica. The firm collected personal information of about 50 million Facebook users by using an app that was able to scrape details of the user’s personalities, social networks, and other engagements on the social network. Since then Facebook has been facing scrutiny via various data sourcing applications such as Nametests.com.
Incidents such as these lead to a serious dent on the brand’s reputation, resulting in numerous interrogations and media confrontations. Losing out on the brand’s credibility is one of the scariest things that any business can face. Hence, a lot of focus is being diverted on not only ensuring performance, but also on validating security of the platform.
4. Sacramento Bee Records Breach
As many as 19.5 million records were breached from the two databases owned and operated by The Sacramento Bee, a daily newspaper published in Sacramento, California. These IT assets comprised the California voter registration data that was provided by California’s Secretary of State. Apart from this it also included the stored contact information of the subscriber base for the newspaper. The attacker demanded a ransom for releasing this data to the organization. Ultimately, the daily deleted the database to avoid any further risks and attacks.
Ransomware attacks have been one of the most prominent kind of attacks on all segments of organizations in the recent history. These risks are increasing, reinforcing the need for robust security testing and data safeguarding measures.
5. Ticketfly gets vandalized
In May 2018 Ticketfly confronted an attack that vandalized its concert and sporting-event ticketing website. This resulted in total disruption almost for a week when the website had to be taken down. Apparently, the hacker had alerted Ticketfly about a vulnerability and had asked for a ransom to get it fixed. Eventually, when the company refused the same, the website was hijacked and the homepage was replaced with customer and employee data. The data was pretty sensitive, which included, names, addresses, email addresses, and even phone numbers of as many as 27 million Ticketfly account holders.
Cigniti’s Digital Assurance solutions address the multifaceted needs of digital testing. We strive to do this by conducting comprehensive testing across your digital value chain and the entire digital ecosystem. The solution draws on our vast experience in the digital domain and leverages our value-adding elements such as reusable test assets and in-house suite of testing tools and accelerators. Our Digital Assurance solutions transcend functional validation of Social, Mobile, Analytics, and Cloud stack (SMAC) and encompass interoperability, network capability, performance, and security aspects.
Cigniti offers end-to-end security testing services including Network Penetration Testing, SCADA Network Vulnerability Assessment and Penetration Testing, Web Application Penetration Testing, Wireless Network Assessment and Penetration Testing. This practice consists of over 100 security testing professionals who hold certifications such as Certified Ethical Hacker (CEH) and Certified Security Analyst (CSA).