Five Big Database Breaches Of 2011's Second Half

Healthcare breaches dominate since the summer, with plenty of lessons learned

3. The Breach Victim: Sutter Physicians Services and Sutter Medical Foundation
Assets Stolen/Affected: Personally identifiable information of 3.3 million patients supported by Sutter Physicians Services and medical information of another 934,000 Sutter Medical Foundation patients.

The data in question was stolen from Sutter Medical Foundation offices when a thief made away with an unencrypted desktop computer over one weekend in October. Sutter Health is currently being sued not only for negligence in safeguarding computers and data, but also for failing to notify patients according to California state mandates.

Lessons Learned: Physical security is obviously paramount in ensuring that desktops aren't made away with by cat burglars. But there are other lessons here, namely in the fact that the data was not encrypted and that such a sizable chunk was sitting on a desktop in the first place. Many enterprises today get into trouble when huge repositories of data are taken out of the database and transferred to unsecured endpoints.

4. The Breach Victim: SK Communications
Assets Stolen/Affected: Thirty-five million names, email addresses, phone numbers, and resident registration numbers of social media users at South Korean sites Cyworld and Nate.

In mid-July, hackers working from IP addresses originating in China infected 60 of SK Communications' computers and used that foothold to hack the company's database stores. The infections allowed them to gather enough access credentials to hack and exfiltrate data from the databases. The loot they made off with was personal information of about 90 percent of South Korean Internet users.

Lessons Learned: This case shows how critical layered security, effective network segmentation, and database monitoring are to both preventing and detecting large-scale database leaks. Hackers often use malicious infections on other network devices to begin the multistep process of cracking even the most strongly fortified database infrastructure.

5. The Breach Victim: Valve, Inc.
Assets Stolen/Affected: Personally identifiable information for 35 million users of Valve's online gaming site.

Steam, the back-end database that runs the online video distribution site run by Valve, was compromised in November, coughing up encrypted credit card numbers and other personally identifiable information for its 35 million users.

Lessons Learned: Public details of how exactly the hackers busted into Steam's database are limited, but what is interesting in this case is the bit of silver lining it offers compared to other similar breaches during the past 18 months. Though hackers did have their way with Steam's databases, risks were hugely mitigated because credit card numbers were encrypted and user passwords were salted and hashed, minimizing the impact hackers could make with the information available through their theft.
