Back
Cyber Security Training & Software for Companies | MetaCompliance

Products

Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters

Back
Industry

Industries

Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 


Financial Services

Creating A First Line Of Defence For Financial Service Organisations

Governments

A Go-To Security Awareness Solution For Governments

Enterprises

A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives

Back
Resources

Resources

From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

Back
MetaCompliance | Cyber Security Training & Software for Employees

About

With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes

Leadership

Meet the MetaCompliance Leadership Team

MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

5 Examples of Security Breaches in 2018

header security breach

about the author

Share this post

Check out our latest post on the biggest security breaches of 2020

2018 has been the year of the data breach. Billions of people around the world have had their personal data stolen or exposed, and there has been a notable increase in the frequency and severity of security breaches taking place.

A recent report conducted by digital security company Gemalto, revealed that 945 security breaches led to a staggering 4.5 billion data records being compromised in the first half of 2018. This is the highest number of breaches ever recorded in a single six-month period and a 133% increase since the same time last year.

Regulators across Europe, including the UK’s Information Commissioners Office, have noted a steep increase in the number of data breaches being reported since the GDPR came into force on the 25th May.

Under the GDPR, organisations are now duty bound to report any data breaches to the relevant authorities within 72 hours of detection or face hefty fines of up to 4% of annual global turnover or 20 Million Euros.

The new legislation will ensure greater levels of transparency, accountability and responsibility in how organisations are storing and using personal data.

Identity theft is the main driver behind all cyberattacks and accounts for 65% of breaches and over 3.9 billion of the compromised data records this year.

External hackers have been behind the majority of all data breaches and Phishing remains the number one attack method. 72% of data breaches are related to employees receiving phishing emails, closely followed by accidental loss of data.

Click here to read about the biggest security breaches of 2020

Top 5 Security Breaches

Data breaches have affected every industry and corner of the world and below are 5 examples of the most prominent security breaches to have hit the headlines this year:

1. Exactis

Exactis

In one of the largest security breaches in history, Florida based marketing and data aggregation firm Exactis, exposed a database containing nearly 340 million individual records.

The breach was discovered in June when a security researcher found the data exposed on an unprotected server that allowed public access. The data included 230 million consumer records and 110 million business contacts. The number represented essentially every adult in the United States of America.

The data didn’t contain social security numbers or credit card information. However, it did include other types of Personally Identifiable Information (PII) such as phone numbers, home addresses, and email addresses. All the information needed by a criminal to commit identity theft.

Each consumer record also contained more than 400 variables that could be used to build a detailed personal profile of the individual. This included information such as hobbies, purchasing habits, marriage status, religious and political affiliations, vices and pet ownership.

Click here to read the five best practices to avoid a data breach

2. Facebook

Facebook

In September 2018, Facebook announced that an attack on its computer network exposed the personal data of over 50 million users. According to Facebook, hackers were able to gain access to the system by exploiting a vulnerability in the code used for the ‘View as’ feature.

Once this feature was exploited, the attackers were able to steal ‘access tokens’, which could be used to take over user’s accounts and gain access to other services. The breach also affected third party apps connected to Facebook, and as a precautionary measure, the company logged 90 million users out of their accounts and reset the access tokens.

The security breach is the largest in the company’s 14-year history and topped off a very turbulent year which saw the company deal with the fallout from the Cambridge Analytica scandal and the ongoing allegations that the platform was used in Russian disinformation campaigns.

The Irish Data Protection Commission has subsequently opened a formal investigation into the breach which could result in a fine of up to $1.63bn for the social media giant.

3. Cathay Pacific

Cathay Pacific

Hong Kong based airline Cathay Pacific suffered the world’s biggest aviation security breach after the data of up to 9.4 million passengers was exposed.

The breach was announced in October but took place in March this year when hackers gained access to 860,00 passport numbers, 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 card numbers with no CVV card verification codes.

Full data exposed in the breach included passenger names, nationality, date of birth, address, telephone number, email address, passport number, identity card number, frequent flyer membership number, customer service comments noted on accounts and historical travel information.

The airline faced severe criticism for its 7-month delay in reporting the breach and Hong Kong’s privacy commissioner has since launched a compliance investigation, stating the carrier may have violated privacy rules.

4. Dixons Carphone

Dixons Carphone

In June 2018, Dixons Carphone revealed a major data breach involving 5.9 million bank cards and the personal data of up to 10 million customers. The hacked data included names, addresses and email addresses.

The electronics retailer announced that in a review of its systems, it uncovered an attempt to gain unauthorised access to 5.9 million cards in one of the processing systems of Currys PC World and Dixons Travel Stores.

The group said there was no evidence of fraud as the majority of cards were protected by Chip and Pin and card verification value (CVV) systems, however around 105,000 non-EU cards without Chip and Pin were compromised in the attack.

When the group first reported the breach, they estimated that the data of up to 1.2 million customers was compromised, but the number has now jumped up to ten times more than initially thought.

Click here to read about Dixons Carphone data breach affecting 5.9 million customers

5. British Airways

British Airways

In yet another attack on the aviation industry, British Airways announced that a major security breach had exposed the personal data of 380,000 customers. The airline confirmed that over a two-week period, the personal and financial details of customers making or changing bookings had been compromised.

The breach took place between 21 August and 5 September 2018, and within this time frame, hackers were able to gain access to names, addresses, email addresses, credit card numbers, expiry dates and security codes. Travel and passport details were not affected by the breach.

The airline recently disclosed that the data of a further 185,000 customers who made reward bookings between 21 April and 28 July was also exposed, bringing the total number of affected customers to 565,000.

Related Articles

How to Protect your Business from a Data Breach

Five Cyber Security Myths putting your business at risk

7 Cyber Habits for Mid-Sized Organisations

Cyber Security Awareness for Dummies

Other Articles on Cyber Security Awareness Training You Might Find Interesting