The Top IT Fails of 2014
IT departments are usually a behind the scenes powerhouse. Keeping their organizations able to work day to day, and for the most part, able to function. IT departments are often the unsung heroes in every business. Sometimes they can become the focus of attention, however, in a not so good way.
It’s not hard to let something slip by, especially with such immense responsibilities. Often times, it’s the case of hackers or broken legacy systems, and occurs outside of the departments’ control. Nonetheless, last year had quite a few big IT screw ups.
Let’s take a look back at the top IT fails in 2014.
For a company that used technology to revolutionize the consumer retail sector, eBay’s data breach looked especially bad. The 145 million users that the breach affected was actually more than that of the customers involved in the Target breach in that of December 2013.
The breach was caused by malicious listings being accessed through eBay with the use of cross-site Java scripting in combination with phishing tactics to gain passwords and customer’s data. This security flaw existed for months on eBay before it was flagged resulting in an extensive class action lawsuit now being filed.
Home improvement retail giant, Home Depot came under scrutiny when they found malware on their point of sale system. This malware had been installed for over five months resulting in over 55 million payment cards being compromised.
This was even after former IT employees at Home Depot said that security was lacking at the retailer due to use of extremely outdated software.
Unfortunately, Apple’s IT department has very little fault in this one. In September of 2014, hundreds of personal photos of celebrities were leaked due to targeted attacks on their personal iCloud accounts. Apple continues to deny that their security systems were actually breached, and the “hack” stemmed from bad password management. However, Apple quickly released some security patches “just in case”.
Quoted as “one of the worst bugs the internet has ever seen”, the Heartbleed bug was discovered by independent Google research group Codenomicon. Over 81% of all websites that claim to be secure were affected by the Heartbleed Bug, which was present for more than two years, but was only discovered in April of 2014.
The sites affected are ones that use the OpenSSL certificate which encrypts and protects customer data and information. This information is only be deciphered when using cryptographic keys. The bug made it possible to obtain, not only those keys, but also the information those keys were trying to protect.
The more egregious of IT Fails of 2014, was the Sony Pictures Hack in November of 2014. Originally reported as a hack by North Korea in retaliation for the production of the movie “The Interview”, the Sony Hack showed complete negligence of security at the corporation. The hack revealed folders labeled “Passwords” and Excel spreadsheets of employee social security numbers.
Although reports differ on who the perpetrators are, China became involved in the investigation, resulting in North Korea’s only channel to internet (and connection to the outside world) being shut off. The hack also lead to a terrorist attack threat on the movie's premiere, which resulted in the premiere being cancelled, and movie theaters refusing to show the film.
2014 was a big year for big IT fails, and companies on the other side of these fails means heads will roll. 2015 will mean more and more IT fails. Just make sure you’re not in the spotlight for all the wrong reasons.