What is Data Breach and most common causes of Data Breaches?

When it Happened: series of breaches in 2013 and 2014

When it disclosed: 2016

In 2016, Yahoo estimated that over 1 billion user accounts might have been compromised in the 2014 breach. Later, in 2017, it admitted all 3 billion of its user accounts had been hacked. The breaches involved the theft of user account details such as email addresses, telephone numbers, hashed passwords, dates of birth, and, in some cases, answers to security questions. Fortunately, no payment information, such as credit card numbers or bank account details, was stolen.

Equifax

When it Happened: Mid-May 2017

When it disclosed: September

Hackers gained access to certain files containing Social Security numbers, birth dates, addresses, driver’s license numbers, and other personal information. 209,000 consumers also had their credit card data exposed in the attack.

Marriott International

When it Happened: 2014

When it disclosed: 2018

In 2018, Marriott International announced that cyber thieves had stolen data on approximately 500 million customers. Marriott believes that credit card numbers and expiration dates of more than 100 million customers were stolen, although the company is uncertain whether the attackers were able to decrypt the credit card numbers.

Basic safeguard from data breaches

• Encryption: According to ponemon research, the second-to-top factor that reduces the overall costs of a data breach is encryption. It’s a simple yet often neglected way to secure your data. Even if it’s stolen or breached, properly encrypted data will be useless for malicious actors, they won’t be able to sell it or use it against you or the individuals whose data they stole.
• Data access governance: Regular privilege attestation and data access monitoring will reduce your attack surface and help you spot abnormal activities.
  
  

Steps you should take when becoming a victim of the data breach

• Contact the breached company: That means to contact the company whose data was breached. Find out the extent of the damage. Don’t trust Even if they tell you that your stolen information was encrypted.
• Change all your passwords. Don’t make it easy. Use different passwords for different accounts!
• Call your credit card companies and banks: Doing so will lock your accounts and prevent further transactions.
• You can file a report with the Federal Trade Commission (FTC) if you are in the U.S. or similar agencies in other countries.
• Get a copy of your credit report to see if something unusual is on your credit and include that in your police report and FTC report.
  
  

In conclusion, we can say that we read frequently about personal data breaches. One of the recent ones happened on German politician’s data. Data breaches might sap our companies and our digital identities, regulations have been made trying to normalize and to block breaches, but unfortunately in 2019 is still easy to get random personal data out of the internet. The main reason for vulnerable websites is un-patched software versions.

Here are a few things that can help you

• Look for solutions that can help automate as many tasks as possible so you and your team can focus on strategically important activities.
• Look for new Cybersecurity developments in various industries and apply those that seem to fit your company best.
  
  

Thanks for reading!! Contact Mirketa if you need a consulting on how you can protect your websites and application data.