TAIT, one of the world’s leading live event solutions providers, disclosed a data breach that led to the exposure of personal and financial information stored on a server and on the email accounts of some of its employees. The TAIT group of companies (Brilliant, Kinesys, Production Glue, Stage Technologies, TAIT UK, and TAIT Navigator) employs over 900 people in 14 office locations around the world and has been a provider of live experience solutions in over 30 countries, on all seven continents. TAIT “worked on 17 of the top 20 highest-grossing concert tours of all time” [1] and its client roster includes NASA, Disney, Universal, Nike, Metallica, U2, Microsoft, MTV, The Olympics, Eurovision, The Rolling Stones, AC/DC, and many others.
The TAIT data breach underscores the cascading effect a breach such as this can have on a company and its customers. While we haven\’t yet confirmed that any TAIT customers have been affected by the breach, there is a possibility that the companies TAIT has worked with – such as NASA, Disney, Universal, Nike, Metallica, U2, Microsoft, and numerous others – could be affected.
Many data breaches like the TAIT breach are caused by employees and executives opening attachments or clicking links in emails from an unidentified third-party sender. Educating employees about the risks of indiscriminate link clicking has never been more important than it is in today\’s always-connected world.
The fact that TAIT did not already have two-factor authentication in place highlights the lack of education around basic cybersecurity even in large organisations. Two-factor authentication is one of the five fundamentals of cyber hygiene that every business should have in place and which prevent up to 99% of attacks. It\’s very important for parent companies to hold their subsidiaries to high standards for security. With an interconnected network like this one, one breach of one employee\’s computer across the world can have devastating impacts for the entire organisation. Particularly if the threat goes undetected for months as it did in this case.