If there’s one thing we know about hackers, it’s that they’re opportunists: there is no company, organization or server they won’t try to access if the defenses are weak enough. This week, members of the Chicago Yacht Club learned that this same concept applies to the wealthy.
The yacht club discovered malware on its computer this past June, and sent a notice to its membership at the end of July. They discovered the club’s server had been compromised, and that hackers potentially had access to credit card numbers, address, names, and bank account numbers — all linked to some of Chicago’s most important business people.
Luckily, the bank and credit card data was encrypted, so it is less likely that the hackers were able to successfully use that information. The heist, however, highlights some troubling security flaws in a system that is holding the information of club members such as Chicago Blackhawks owner Rocky Wirtz and members of the Walgreen family.
“We have no reason to believe that any information contained on the server has been used improperly or even accessed,” said club Commodore Gerald Bober in a released statement.
As a result of the security breach, the club has planned to rebuild their software and replace their old servers with point-of-sale (POS) systems instead. The club has also taken on a security firm that will let them know if any suspicious activity occurs on their network.
“It’s very important to ensure you’re staying up to date with the latest security software and making sure you have the best available out there,” says Marcos Garza, CEO of Global 1 Resources. “Data centers especially need to ensure that they’re in compliance with securing facilities in terms of physical access. In addition to staying current with the best software security, companies should secure their servers using methods that don’t allow potential crooks access to company server cabinets physically.”
In many ways, the past few years have sparked a renewed public awareness of the high cost of data breaches. The well-known Target breach, taking place during the 2013 holiday season, has so far cost the company about $61 million — and even more money was lost as a result of a damaged reputation. Companies dealing with a breach are, in this way, hit twice.