The Dow Jones, which owns business oriented outlets like the Wall Street Journal, is synonymous with wealth and power. Most people only know of it in terms of investments and playing the stock market, and therefore it makes a logical “big fish” kind of target for hackers. After all, successfully infiltrating their stores of data could result in a tremendous payoff of information on some of the country’s wealthiest people.
And that’s why the information that was stolen in a recently uncovered data breach is somewhat perplexing. Investigators believe that between August 2012 and July 2015, cyber thieves began accessing information stored on subscribers in the system. This breach was discovered in July 2015, and experts are working to close the security flaw that allowed the breach to occur.
So what happens to some of the world’s wealthiest people when cybercriminals manage to nab their private information? They get emails.
According to the investigators in this particular incident, hackers appear to have stolen names, addresses, email addresses, and other similar information, not account numbers, Social Security numbers, or other financial data. What could they possibly want with a millionaire’s email address? The ability to target that individual with offers, solicitation requests, spam, or even phishing emails.
It might seem pretty pointless to steal a list of email addresses, but hackers know that if they can get the recipient of a phishing email to click an included link in the message, then the chances for installing invasive malicious software on the victim’s computer are great. In many cases, once that harmful software is installed, the hackers can use it to root around in the victim’s hard drive, cloud storage, email inbox (which would presumably contain email addresses for other industry leaders to target), and more. Currently, however, investigators into this breach have only discovered the intent to solicit the victims with requests.
The takeaway from this is that no piece of personal information is safe in a hacker’s hands, no matter how inconsequential it might seem. The Target data breach occurred through a similar scenario, for example. With this kind of access and a few simple human errors, the potential for further damage is almost limitless, and demonstrates again what the data security industry has been following in recent weeks: financial identity theft is still the top form of the crime but it’s losing ground to other forms that have the potential for long-term damage. Cybercriminals are no longer content with credit card information or bank account numbers, having discovered that there is even more money to be made from stealing other types of data.