Data Breaches in 2019: Bigger, More Devastating
Written by Pallavi Srivastava
One barometer is data breaches. Recent years have seen a significant increase in data breaches. According to the ‘2019 Breach Barometer’ report, cases of data breach surged by 54% in the 1st half of 2019 and about 4.1 B records got exposed during the same period. The global average cost of a data breach in 2019 is reported at US$3.92 M, an increase of 1.5% from 2018, as per the ‘2019 Cost of a Data Breach Report’ by the Ponemon Institute and IBM.
A Very Short List of the Biggest Data Breaches of 2019…
Quest Diagnostics & LabCorp
About 20 M customers’ medical and financial data was exposed during August 1, 2018 to March 30, 2019. An unauthorized user had access to the American Medical Collection Agency (AMCA) system, which was used by both Quest and LabCorp to store their data.
Federal Emergency Management Agency (FEMA)
In March 2019, the Department of Homeland Security reported that FEMA had compromised the information of more than 2 M Americans by sharing personal and banking information with its contractor and noted it as ‘major privacy incident.’
Amazon Web Services (AWS)
In October 2019, an unprotected AWS Elasticsearch cluster exposed over 20 M personally identifiable information (PII) and tax information belonging to Russian nationals. Also, in September 2019, passenger files of Malaysia’s Malindo Air stored in an open AWS bucket was breached, which lead to exposure of 30 M passengers’ details. Parts of the leaked databases were also up for sale on the dark web.
And Other Cybersecurity Incidents
In April 2019, Wipro’s IT systems were breached as hackers gained access to systems and used them to launch attacks on the firm’s clients. Nonetheless, the company claimed cyber-attack had no impact on its ongoing critical business.
Exclusive: Multiple sources now say Indian IT outsourcing giant @Wipro is in the throes of dealing with a months-long breach in which intruders were seen using the company’s networks to attack and probe customer systems https://t.co/02WkdkU0UE pic.twitter.com/ptOxylwJ4K
— briankrebs (@briankrebs) April 15, 2019
Citrix reported a security breach of their internal network, where hackers stole business documents. The company said that the extent of the security breach is not yet known but it is possible that the data stolen included names, social security numbers, and financial information.
More recently, a Citrix vulnerability left more than 80,000 companies open to attacks:
— Supply Wisdom (@Supply_Wisdom) December 26, 2019
Cybersecurity Risk: No One is Immune
Trends indicate that all companies are vulnerable to cybersecurity attacks and data leaks regardless of their size. Despite companies enlisting expert help for cybersecurity and establishing robust internal controls, there is a significant surge in data breaches.
Some underlying causes:
Companies rely on a diverse range of software, digital products, and applications. Therefore, it’s becoming difficult for the monitoring team to look for each open point. These points enable attackers and unauthorized users to enter the network and access databases.
In recent years, many large-scale attacks have been caused by malware and phishing scams. It’s easy to wait for bad actors to target companies, wait for vulnerabilities, and plant their malware in the target network.
Absence of Oversight
Many companies do not establish continuous monitoring protocols for their systems and networks even if they have strict procedures in place for testing. Furthermore, companies must be careful about security testing for all new applications before roll out.
Developers and hackers are running an endless race where developers work to build software, systems, applications, and networks and hackers keep looking for new vulnerabilities in the product which programmers may have overlooked. Phishing of web pages, key loggers, Remote Administration Tool (RAT), zombie computers, malware, spy, and botnets are just the tip of the iceberg of the toolkit available to hackers.
Cybersecurity Posture of Your Third Parties
Cybersecurity events, particularly data breaches, cause reputational damage along with potentially catastrophic financial loss. From long investigation processes to regulatory penalties, remediation and settlement costs can dent revenues and investors’ confidence.
While cybersecurity attacks and data breaches cannot be ruled out completely, there are measures to minimize vulnerabilities and potential security risks such as implementation of Role-Based Access Control (RBAC), installation of software to block unsecured web pages, and investing in anti-virus and firewalls for basic security hygiene.
However, it is more complicated for companies that handle users’ personal or sensitive data, especially through their third parties. Companies may be able to institute protocols and establish security mechanisms that protect their own networks. However, their third parties, which include suppliers, partners, and vendors, then present an additional risk surface. Companies must evaluate the nature of data that their third parties handle and encourage them to institute practices in line with the sensitivity of the data.
If nothing else, companies must establish outside-in cybersecurity risk monitoring for their third parties and vendors at scheduled intervals. Outside-in cybersecurity risk monitoring offered by solutions like Supply Wisdom enables companies to assess the cybersecurity posture of their parties and see what hackers see when they scan the third party’s network. This can help ensure some of the risks of data breaches are reduced.
Receive Supply Wisdom’s insights and newsletters on cybersecurity risk right in your inbox. Subscribe here.