Due diligence needed to avoid data breaches – intentional or not

Drake’s database of job applicants targeted by hackers
By Sarah Dobson
|Canadian HR Reporter|Last Updated: 03/11/2013

It was early on a Monday morning when a number of senior people at Drake International received an unexpected email. A group called Rex Mundi claimed to have hacked into one of Drake’s databases and gained access to more than 300,000 job applicant records from Canada, Australia, New Zealand and the United Kingdom.

The Jan. 7 email apparently demanded Drake pay $50,000 or the data would be exposed, and the group eventually went on Twitter with a link to a website reiterating its demands.

But Drake did not respond to the threats and instead went to the police, who informed the company not to co-operate and rather focus on the issues at hand, said Tony Scala, vice-president of marketing at Drake in Toronto, “which was ensuring our database was secure and informing any of the individuals who might have been affected by the security breach.”