We can spend a lot of time looking for the specific vulnerability or the specific person who was responsible for but didn’t apply some specific patch or update, but that’s looking at the problem in a way that won’t result in a real solution. I’m not excusing vulnerabilities, and I don’t in any way want to discount the impact that data breaches have on businesses and individuals: it’s easy to see the effect on companies. Let's look at some
Identity theft and the financial damage it can cause is incredibly stressful for those affected. I’ve been a victim myself: a past employer handed over all of the company’s W2’s for current and past employees, so Social Security numbers, addresses, salaries…all handed over to a phishing scam. That was bad—and has happened to millions of individuals—but ransomware that holds data hostage can be so much worse – especially in the case of WannaCry, where the broad range of organizations targeted included universities, telecommunications companies, utilities and, notably, 20% of the UK’s National Health Service. Unhealthy Ransomware Hospitals and healthcare providers.