Monsanto admits to hacktivist breach in March
Monsanto has been a hacktivist target for several years, and this week the US agricultural giant admitted discovering the leak of sensitive customer and employee data as a result of a hack that had occurred last March.
The breach, affecting Monsanto's specialist farming equipment division, is not believed to have been an attempt to steal customer information, however the fact that such data was compromised in process has lead to this public acknowledgement. To counteract the ongoing risk, Monsanto has offered a year of credit monitoring services to those affected.
“Having sensitive data of customers and employees combined on the same server is a simple mistake that is made all too often,” Jody Brazil, president and CTO at FireMon, commented in an e-mail to SCmagazineUK.com.
Calling this practice the “the cybersecurity equivalent of putting all your eggs in the same basket,” Brazil advises to instead segment the network and distribute sensitive information across different servers on appropriate network sub-segments to effectively limit the damage potential.