
The Truth Behind a Cyber Breach: How Human Error and Process Failures Lead to Security Incidents

by David Mainville

Hollywood would have you believe that the "black hats" breach our systems through their technical prowess and mad cyber skills.  Truth is, it's human error and broken processes that let them through the door.

So, how can I make such a bold statement?  Well, it's not only me that believes this. 

IBM's "Cost of a Data Breach Report 2024" cites stolen credentials, phishing and human error as the root cause of most breaches - and that's people and process.

Let's look at three high-profile breaches and their root cause.

Salt Typhoon Cyber-Espionage (2024)

The breach that shouldn't have happened 

When a hacking group known as Salt Typhoon went after U.S. telecom giants, it didn't use technical wizardry or cutting-edge malware; it leveraged unpatched Cisco routers.

You got that right; critical infrastructure was left unpatched! 

The hackers allegedly got access to call log data, text metadata and wiretap systems used by law enforcement. 

Root Cause:

  • Failure to apply critical security patches - a basic mistake
  • Lack of proper network segmentation - letting hackers move more freely
  • Poor security monitoring - leaving the breach undetected for too long

All three can be attributed to human error and process failures.

The fallout? Regulatory agencies like the FBI and CISA had to step in with emergency directives, and telecom providers faced a significant hit—not just in reputation but in remediation costs and government scrutiny.

UnitedHealth Group Ransomware Attack (2024)

The Billion Dollar Hack

In one of the worst healthcare breaches in U.S. history, UnitedHealth Group’s subsidiary, Change Healthcare, fell victim to a ransomware attack by the notorious BlackCat (ALPHV) gang. 

The attackers didn’t need sophisticated hacking tools—they used stolen employee credentials to log in and unleash chaos.

Once inside, they encrypted critical healthcare data, effectively paralyzing hospital billing systems and pharmacies nationwide. The company paid a $22 million ransom, but guess what? The hackers leaked data anyway.

Root Cause:

  • Stolen Credentials - possibly from phishing or social engineering
  • No two-factor authentication - allowing the credentials to work
  • A slow response - allowing ransomware to spread

The right processes and training could have prevented these issues.

The financial hit? $3.09 billion, according to UnitedHealth. That includes ransom payments, system recovery, legal battles, and lost business. The reputational damage? Priceless.

Fidelity Investments Data Breach (2024)

A gaping hole in account security

Fidelity Investments, one of the largest financial firms in the world, suffered a breach not because of a high-tech hack but because attackers were able to create two fake customer accounts—and those accounts had enough access to pull sensitive data on 77,099 real customers.

This breach wasn’t a brute-force attack or a database hack. It was an account creation loophole that let cybercriminals access personal details like Social Security numbers and driver’s license information.

Root Cause:

  • Poor account verification, allowing attackers to create fraudulent accounts.
  • Weak access controls granted these fake accounts permissions they should never have had.
  • A lack of proactive monitoring left the breach undiscovered until the hackers caused significant damage.

Once again, human error and poor security processes opened the door to these hackers.

Learn more in our post: The Human Factors in Cyber Security

The aftermath? Fidelity is now facing class-action lawsuits, legal investigations, and an expensive cleanup operation that offers affected customers two years of free credit monitoring.

The Truth: Cybersecurity is a Human and Process Problem

Companies could have prevented these breaches using better security hygiene, stronger authentication measures, and proper monitoring.

There were no ultra-sophisticated hacking techniques or tactics at work, just exploitation of the same human and process failures that have plagued cybersecurity for years.

If there’s one takeaway, it’s this: Cybersecurity isn’t just an IT security problem—it’s a people and process problem. Until organizations start treating it that way, these breaches will continue.


Want to avoid becoming the next headline? Start by thoroughly assessing the people and processes behind your IT systems!
