These days, even the most gainfully employed people fear for their job security, and they have plenty of reasons to fear. Many of the new laws relating to employment decrease protections for workers instead of increasing them. Even worse, if you are chronically online, then you are probably being bombarded by content about how, in the near future, generative artificial intelligence will make your job obsolete; no matter what your job is, there is a writer somewhere writing, or a chatbot unthinkingly combining words, to the effect that your job will soon be able to do itself without your input. Even the most work-averse doomsayers can agree, though, that cybersecurity is a growth field.
With so many computers doing so much work, an obvious way to make trouble is to interfere with the computers and make them share secrets that they were supposed to be protecting. The threat of data theft has existed for as long as businesses have been using computers, but today, so much economic productivity takes the form of data stored and transmitted on computers and similar devices that a workplace data breach today is even more devastating to all the affected parties than such a data breach would have been in the days of clunky desktop computers operated by an external mouse.
The Boulder data breach lawyers at HKM Employment Attorneys LLP can help you protect your company’s devices from data breaches and help you deal with the resulting legal actions if customers or employees suffer data theft because of a breach at your organization.
Why are Data Breaches So Devastating?
A data breach happens when an unauthorized person accesses the data stored on a computer or computer network. There are as many ways to breach a device as there are motivations for doing so. These are some common ways that cyber criminals breach the computer networks of businesses:
- Guessing weak passwords or using artificial intelligence to guess passwords, coming up with so many guesses that, eventually, they can even guess some of the strongest passwords
- Tricking employees into granting the scammers access to the device, such as by transmitting malware that appears to crash the computer and displays a phone number that claims to lead to a technical support call center that can repair it
- Phishing scams that deceive employees into typing passwords that appear to be on ordinary sites where employees enter their passwords, but which are actually visible to the scammers
- Transmitting viruses that steal data from the devices, even when the employee has not revealed a password to an unauthorized party
What kinds of data are scammers trying to steal? Usually, they want financial data that will give them access to other people’s money. They are looking for bank account numbers and credit card numbers. The grand prize is people’s Social Security numbers, because these will allow the cyber criminals to commit identity theft by impersonating the true owners of the Social Security numbers and to open credit card accounts in their names.
Business computer networks are a prized target for cyber criminals because they tend to store large volumes of just the kinds of data that scammers want. They have credit cards on file for thousands of customers. They might even have the Social Security numbers of all the employees on their payroll. Best of all for scammers, and worst of all for businesses, companies often store data on multiple devices connected by an internal network. Therefore, if scammers can get the login credentials to enable them to enter one employee’s work computer, they might be able to breach the company’s entire computer network and steal huge amounts of data. This means financial losses for the rightful owners of the stolen account numbers and Social Security numbers, and legal liability for the company that stored the data and failed to protect it from a data breach.
What Can Businesses Do to Prevent Data Breaches?
Most data breaches are preventable; if this were not the case, then data breach lawsuits would not be nearly as widespread as they are. A data breach lawsuit is a tort lawsuit, which means that the plaintiff alleges that the defendant harmed the plaintiff and is responsible for compensating the plaintiff for that harm. In other words, when customers or employees provide identification data, such as Social Security numbers, or financial data, such as bank account numbers, to a company, the company has a legal responsibility not to share that data with other parties without the consent of the original owner of the data.
The way to prevent data breaches is through a robust cybersecurity strategy. Cybercrime techniques are always evolving, and this means that cybersecurity must keep up with the threats, or even better, stay a step ahead of them. Companies of sufficient size have cybersecurity personnel on staff, but even small businesses can and should hire cybersecurity professionals on a contracting basis. At least once per year, a business should have a cybersecurity team examine the company’s computer networks and look for vulnerabilities. The fix could be something as simple as installing the most recent version of a firewall. Doing this can protect the company from costly lawsuits. Several years ago, a virus attacked the computer system of a large company, and thousands of customers had their data stolen. They filed a class action lawsuit and won, because Microsoft had released a patch to protect against the virus, but the company had not installed the patch on its computers.
Another simple fix is to make company devices hard to access. Require strong passwords to enter devices and accounts, and make employees change their passwords frequently, such as once every three months. Two-factor authentication when signing into company devices can also protect against cybercrime.
Contact HKM Employment Attorneys, LLP, About Data Breaches
The Boulder employment lawyers at HKM Employment Attorneys, LLP, can counsel you about filing a data breach claim. Contact the employment lawyers at HKM Employment Attorneys LLP in Boulder, Colorado, to set up a consultation.
