A data breach happens when confidential, sensitive, or private information is accidentally or deliberately compromised and released into an unsecured environment. Security concerns arise whenever sensitive data is transmitted over the internet. The internet allows the continuous, nonstop transfer of information, which leaves the data of any location, business, or individual open to breach by cyber attackers.
All over the world, data is stored digitally. The servers storing it, whether physical or virtual, are subject to various types of cyber-attacks.
Who are the targets for a data breach?
Large corporations are the main targets of malicious actors who benefit from such attacks. Their data consists of the personal and financial information of millions of individual users, along with other sensitive business data. The data is therefore highly confidential and can earn the attackers extensive monetary benefits. Attackers earn in two ways. One is that they sell the data to buyers on the dark web for money. This data is in great demand because it contains login credentials, credit card and bank account details, etc. The other is that attackers encrypt a business's critical data and demand a ransom in exchange for not making it public and for decrypting it so that the company can get back up and running.
Modus operandi of a data breach
Stolen or lost credentials - By logging in with someone else's credentials, an attacker can access the data. Attackers use phishing or brute-force methods to obtain logins and passwords. People can also lose their smartphones and laptops, which can cause confidential information to fall into the wrong hands.
Social engineering attacks - This is a manipulative way to get information. For example, an attacker may call and pose as a relationship manager from the victim’s bank and convince them to share their account details.
Insider threats - These happen when employees who have access to protected data steal it and use it later for monetary gain. For example, restaurant or shopping mall employees copy customers' credit card information when processing a transaction. Other examples include employees of sensitive government organizations stealing classified data and selling it to foreign states.
System vulnerability - Organizations use various software that is not fully protected. Attackers target its vulnerable points and gain access to the system, from where they copy the data.
Malware attacks - Attackers implant malware in the system through phishing methods to obtain logins and system control. This malware stays inside the system undetected and is used for stealing data and for encrypting it.
Unprotected server or web app - If the web server or apps are not secured properly, they can be exposed to attackers on the internet.
Lack of encryption - eCommerce sites are SSL/TLS encrypted, which means online payment transactions are safe because personal or financial information passing between the user and the eCommerce website is not visible to anyone during transmission. Without encryption, that information is exposed.
Incidents of data breaches
Alibaba - 2019
The Alibaba attack in 2019 was an example of a data breach. The data of 1.1 billion users was stolen over eight months by a developer associated with Alibaba as an affiliate marketer. The attacker used crawler software to collect usernames and mobile numbers from the Alibaba shopping website.
LinkedIn - 2021
LinkedIn, a professional networking company, saw data associated with 700 million users posted on a dark web forum in June 2021. It impacted 90% of its user base. The hacker used a data scraping technique, breaching the site’s API and extracting the data of 500 million customers in the first tranche. The leaked information contained email addresses, phone numbers, geolocation records, genders, and other social media details.
Equifax - 2017
Another example of a massive data breach happened in 2017. Millions of private records of American, British, and Canadian citizens were accessed by malicious attackers.
Twitter - 2020
This was a small-scale data breach in 2020 in which the attackers hijacked the Twitter accounts of famous and influential people. It was a social engineering attack, and the attackers collected $117,000 in Bitcoin.
How can organizations prevent a data breach?
There are multiple ways to breach data, so there is no one-size-fits-all protection solution. A few main steps can cover most of the vulnerabilities.
Access Control: Employers can restrict employees' access and permissions and have an Identity Access Management program in place.
Encryption: eCommerce business websites use SSL/TLS encryption to prevent hacking when data is transmitted between consumers and companies. The server's and employees' data must also be encrypted.
Web Security Solution: A web application firewall can protect a business from vulnerability exploits and application attacks.
Network Security: Internal networks can be protected from attackers by using firewalls, DNS-layer security, DDoS protection, a Secure Web Gateway (SWG), and data loss prevention (DLP).
Software updating: Older versions of software are vulnerable to attacks. Software companies regularly release security patches or new versions to prevent attacks.
Training: Social engineering is a common cause of data breaches. Employees must be trained in secure password management and in accessing only trusted websites from company devices.
How can individuals protect themselves?
Here are some best practices that individual users can follow. These can protect them to a certain extent but do not guarantee complete data security:
Use unique passwords for each account: Many users use the same password for multiple online accounts. This is not advisable, because if one of the accounts suffers a data breach, attackers can use that password to compromise the user's other accounts as well.
Use two-factor authentication: Two-factor authentication (2FA) is an excellent way to avoid phishing. Confirming the user's identity with more than one verification method, such as a One Time Password (OTP) on a mobile phone in addition to the password, makes users less vulnerable to data breaches.
HTTPS websites: When filling in details online, one should give them only to websites that use SSL encryption, whose addresses begin with HTTPS:// instead of HTTP://. Without encryption, websites will expose personal and financial data.
Keep software and hardware up-to-date: This applies to the individual as well.
Only install applications and open files from trusted sources: Users sometimes download and install malware accidentally. One must make sure that any files or applications downloaded are from a trusted source. Users should also avoid opening unexpected email attachments, or attachments from unknown or suspicious senders, as they are often malware disguised by attackers.