Luxury Auto launched a new website allowing users to schedule test drives, schedule and monitor the progress of repair work, and process payments. One month after the website launched, the website was compromised by a DDoS attack by a hacker. It took nearly a week for Luxury Auto’s IT staff to bring the website back online. They had been the victim of a DDoS attack that disabled the company’s network and online services.
Smith & Smith, LLP, a mid-size law firm, held confidential information on many of their clients, as well as information on merger opportunities. A hacker based in Russia gained access to their computer system and sent an email with a copy of a merger plan scenario and files on one of the firm’s clients. The hacker threatened that unless they are wired $250,000 they would not only shut down the firm’s computer systems, they would also publish all the data obtained from the system.
Digital Asset Loss
XYZ Architecture just put the finishing touches on a set of 3D CAD drawings for a new academic building at a local university. The firm sent out an internal communication thanking everyone for their hard work on the project and announcing that the job was nearly ready to deliver to the project owner. Later that night, a disgruntled IT administrator accessed and destroyed the CAD files, destroying months’ worth of hard work and putting the firm in danger of losing its contract with the university.
An employee of an oilfield equipment rental company lost a flash drive containing credit applications for several large oil contractor clients.
Telephone Toll Fraud
ABC Engineers installed a VoIP telephone system in their new office location. The firm had several international projects and the VoIP system offered by their local telephone carrier had attractive rates on international calls. Two months after opening the new location, ABC Engineers received a telephone bill totaling $175,000. Upon investigating the phone bill, they discovered hundreds of calls placed on the last Saturday of the previous month. They determined they were a victim of telephone toll fraud. Hackers had breached their VoIP system and routed hundreds of phone calls through a premium 900 number. The phone carrier claimed ABC Engineers did not have strong internal controls in place and refused to let them out of the bill.
Website Media Liability
A non-profit organization hired a freelance graphic designer to create a series of new logos. The graphic designer created more than a dozen options to choose from and the marketing manager
at the non-profit decided on four. They then uploaded the logos to their website and used them to promote fundraising events on social media. After a few days, the executive director of the non-profit received a cease and desist order from a law firm representing a local company. The company claimed the logos used were identical to their own trademarked logos.
Download a printer-friendly version.