US notified 3,000 companies in 2013 about cyberattacks

US notified 3,000 companies in 2013 about cyberattacks (Washington Post, 24 March 2013) – Federal agents notified more than 3,000 U.S. companies last year that their computer systems had been hacked, White House officials have told industry executives, marking the first time the government has revealed how often it tipped off the private sector to cyberintrusions. The alerts went to firms large and small, from local banks to major defense contractors to national retailers such as Target, which suffered a breach last fall that led to the theft of tens of millions of Americans’ credit card and personal data, according to government and industry officials. “Three thousand companies is astounding,” said James A. Lewis, a senior fellow and cyberpolicy expert at the Center for Strategic and International Studies. “The problem is as big or bigger than we thought.” The number reflects only a fraction of the true scale of cyberintrusions into the private sector by criminal groups and foreign governments and their proxies, particularly in China and Eastern Europe. The estimated cost to U.S. companies and consumers is up to $100 billion annually, analysts say. In most cases, the company had no idea it had been breached, officials say. According to Verizon, which compiles an annual data-breach survey, in seven out of 10 cases, companies learn from an external party – usually a government agency – that they’ve been victimized.

Provided by MIRLN.

Image courtesy of Miles.