Reply To: OCU ISSO Week 4 Lesson 14 Discussion
Unfortunately, I have been the victim of several of the security issues listed in the textbook, especially when our company first had access to the internet and my parents were in charge of the business. The first one on the list was bad password hygiene. I have to take most of the blame on this one because it happened within the last few years. I decided it would be a good idea to try out a cloud-based bookkeeping program. I set it up using what I thought was a strong, secure password. I got all the customer information, banking information, payroll, reports, vendors, and tax information uploaded to the cloud. Everything was good for the first month or so, but then I had customers calling me asking me why charges were being made on their credit cards from my store. It took me a while to figure out what had happened. The password I thought was strong and secure turned out not to be so strong and secure. Someone had accessed my cloud storage and got over 330 customers’ data. Data that included banking and financial information, address, phone numbers, and email addresses. Luckily the cloud-based program fixed the problem right away and the charges that had been made on the customer’s cards were all refunded except for $1100 which our insurance took care of. I learned a very valuable and expensive lesson about how I set my passwords and where I store them.
The second security issue that I have been a victim of is phishing. This happened to my wife and I years ago. She was looking for a legit online work-from-home job. We found one and talked to the people and everything seemed good. We paid them $199.00 (which should have been our first clue) and they emailed us all the paperwork. That was the last we heard from them but they continued to take $69.99 out of our checking account each month. We talked to our bank and we filed a police report but there wasn’t much they could do. It cost us several hundreds of dollars and we lost our checking account because they kept letting the money be deducted and it put us in the hole more and more each time. Needless to say, that was another expensive lesson to learn about security threats. If I had known then what I know now, I wouldn’t have even thought about giving them our information.