Since 2011, the number of data security incidents relating to mobile devices appears to be on the rise, according to Advisen’s Loss Insight database. Mobile device data breach cases still remain in the low numbers, relative to other types of data breaches. However, several incidents have affected thousands of consumers.
The primary targets for data theft appear to be private photos stored on mobile devices. A website called “yougotposted.com” features in a few of the cases, with private photos being stolen from devices and posted online. Best Buy and Sprint were both called out by consumers for inappropriately accessing personal photos of customers while their phones were either being serviced by employees or sold for refurbishment. In another case, a service called PChome Online Inc. mistakenly published members’ private photo albums. Advisen data show that personal privacy is most frequently the casualty of mobile device data breaches.
In another sort of hacking, attackers set their sights on the revenue from online ads that pop up in several free mobile applications. Data from a service called Virus Bulletin showed that on Aug. 23, 2014, at least 75,000 mobile iOS devices had been infected with a malware called “AdThief.” Other mobile device malware attacks have focused on stealing personal details and banking information.
A few cases demonstrated the risk inherent in mobile devices – that tablets, phones and laptops used for business purposes can simply be lost, potentially with a large amount of sensitive data. Advisen information included at least three cases affecting thousands of consumers. While in at least two of these cases, there was no evidence that the data had been misused, state laws require the reporting of the breach and notification of consumers. In a case from England, a BBC journalist Nick Robinson lost – or was the victim of the theft of — his mobile phone containing contact information for many high-placed British figures.
Finally, several cases included faulty security on a variety of mobile applications, including Yahoo’s fantasy football draft software, a ransom attack on Apple users in Australia, and a few Microsoft Windows phone applications.