Published on June 23rd, 2019 | by Bibhuranjan0
6 Vital Lessons We Can Learn from High Profile Data Breaches
Major data breaches have affected many high profile companies in recent years, so much so that news of a large-scale data breach is hardly surprising anymore. Though breaches are more common than ever before, they remain extremely costly for big businesses. In fact, the average cost of a data breach is $3.86 million.
The issue lies in the fact that executives have an “It won’t happen to me” attitude. One example of the widespread lax approach to cybersecurity is the fact that 30% of companies have more than 1,000 sensitive folders which everybody can access. Essentially, we need to take cybersecurity much more seriously and learn from the mistakes of others to minimize risk.
1. Never Store Data in Third-Party Repositories (Uber)
In November 2017, Uber admitted that they had covered up a massive data breach which exposed the information of 57 million customers and drivers. The hack occurred in October 2016 and the company paid those responsible $100,000 to delete the stolen data and keep schtum about the attack.
What went wrong? Uber’s software developers stored private login credentials in a GitHub repository. So, the first lesson here is to use third-party repositories like GitHub only for distribution, tracking and project collaboration – never to store credentials or other private data.
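As an added illustration of this lesson (example code, not Uber’s or GitHub’s tooling), the scan below flags lines that look like hard-coded credentials so a commit can be rejected before it reaches a shared repository; the patterns, the entropy threshold and the sample file contents are all constructed for this example.

```python
"""Pre-commit style secret scan (illustrative; patterns are not exhaustive)."""
import math
import re
from collections import Counter
from typing import List, Tuple

# Each rule: (name, compiled regex). Constructed for this example.
RULES = [
    ("aws_access_key_id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("private_key_block", re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")),
    # Captures the assigned value so it can be checked for randomness below.
    ("assigned_secret", re.compile(
        r"(?i)(password|passwd|secret|api[_-]?key|token)\s*[:=]\s*['\"]?([^\s'\"]{8,})")),
]
ENTROPY_THRESHOLD = 4.0  # bits per character; tuned for the sample, not a universal value

# Constructed stand-in for a file about to be committed.
SAMPLE_FILE = """\
DB_HOST = "db.internal.example"
DB_PASSWORD = "${DB_PASSWORD}"
ADMIN_PASSWORD = "CHANGEME"
API_TOKEN = "q7Zr2kP9xL4mW8vT1nB3sY6c"
aws_access_key_id = AKIAEXAMPLEKEY000001
-----BEGIN RSA PRIVATE KEY-----
"""


def shannon_entropy(s: str) -> float:
    """Shannon entropy in bits per character; random tokens score high."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def scan_text(text: str) -> List[Tuple[int, str]]:
    """Return (line_number, rule_name) for each line matching a rule.

    For 'assigned_secret' the value must also look random, so environment
    variable references ("${...}") and placeholders like CHANGEME do not fire.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, rx in RULES:
            m = rx.search(line)
            if not m:
                continue
            if name == "assigned_secret":
                value = m.group(2)
                if value.startswith("${") or shannon_entropy(value) < ENTROPY_THRESHOLD:
                    continue
            findings.append((lineno, name))
    return findings


if __name__ == "__main__":
    for lineno, rule in scan_text(SAMPLE_FILE):
        print(f"line {lineno}: possible {rule}")
```

A real hook would run this over every staged file and exit non-zero on any finding; lines 4 to 6 of the sample are the ones that would block the commit.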
Furthermore, you must notify customers in the wake of a data breach to retain positive customer perception and so that customers can protect themselves. For instance, you may wish to recommend the following:
- Change affected passwords.
- Start using an encryption tool, e.g., a free VPN.
- Contact financial institutions to alert them you are at risk of fraud.
2. Insider Threats Pose a Major Risk (SunTrust)
In April 2018, financial services company SunTrust revealed to 1.5 million customers that their sensitive data may have been stolen. This data included names, phone numbers, addresses and details related to their account balances. What’s most shocking about this breach is that the data was taken by a former employee in the hopes of exploiting SunTrust.
Companies need to realize that insider threats are a common form of breach. Security practitioners reported 3,269 insider incidents last year, and most were due to employee or contractor negligence. To prevent insider threats, you need to restrict access to sensitive data and have strict offboarding policies, under which access to important systems and services is removed immediately.
3. Authentication and Verification Processes Need to Be Stronger (Quora)
Question-and-answer site Quora suffered a major data breach in December 2018. Hackers gained access to the email addresses, IP addresses, passwords and further personalization information of its 100 million users. This stolen information could be used to access users’ other accounts.
People use the same passwords over and over. It’s understandable when you think about how many accounts require passwords. Thus, passwords just don’t cut it as a means of authentication anymore. Biometrics may be the way forward to ensure a more secure means of logging in to personal accounts.
4. Attacks Can Be Prevented Through Basic Cybersecurity Measures (NHS)
Britain’s health service, the NHS, was hit hard by the WannaCry ransomware attack in 2017. Malware infected computers at GP surgeries, hospitals and NHS trusts. This resulted in 19,000 canceled appointments and costs of almost £100 million.
There is a vital lesson to be learned from this incident. Hackers entered NHS networks via outdated software; more specifically, the NHS was still using Windows XP. The attack could have been prevented, as Microsoft had released a patch that would have stopped WannaCry before the incident. The lesson here is simple: continually update your software and servers.
5. Quality Assurance Testing is Critical (Facebook)
In September 2018, a data breach exposed the personal information of 50 million Facebook users. Hackers exploited a vulnerability in Facebook’s code which allowed them to access user accounts and conceivably take control of them.
Unfortunately, when it comes to complex and robust platforms such as Facebook, security oversights do happen. Companies aren’t always aware of or able to detect vulnerabilities and security issues. For this reason, quality assurance testing and bug bounties are key. You need to think like a hacker to protect your software before hackers make their move.
6. You Need an Incident Response Plan (Panera Bread)
Back in April 2018, KrebsOnSecurity posted about a large-scale data leak from Panera Bread’s website. The leaked data included customer names, email and physical addresses, birthdays and the last four digits of their credit card numbers. But that wasn’t the most shocking thing about this case. Security researcher Dylan Houlihan had reported the leak to the company eight months before it was resolved.
Companies should follow up on tips from bug reporters. It goes without saying that a prompt response is necessary when faced with a data breach. Therefore, it’s a good idea to have an incident response plan in place before an attack happens.
All in all, a careless approach to cybersecurity can have devastating results. These high profile incidents are the result of major missteps. Yet, if you learn from others’ mistakes you can better protect your business. Now it’s over to you. Are you aware of any cybersecurity failings within your business which need to be resolved?