As computer technology advances, enterprise IT networks face more threats. For example, there have been many data leaks where cybercriminals stole various information from different organizations and corporations. They include credit card information, bank details, personal health information, usernames and passwords, personally identifiable information, intellectual property, contact details, and social security numbers.
When the incident becomes publicly known, that’s when damages are realized. Victims may demand compensation. It could mean a massive drop in an organization’s profit, which could take a few years to restore.
Data thieves exploit overexposed and vulnerable unstructured files, sensitive information, and documents. According to ISO/IEC 27040, a data breach is defined by this theft, which often leads to the unlawful or accidental destruction, alteration, loss, or unauthorized disclosure of protected data.
The Latest and Biggest Data Breaches
Not all data breaches are reported, especially incidents that do not directly affect the public. This year, some of the most significant data breaches involved a computer manufacturer, a water treatment plant, and a clothing retailer.
Bonobos, an upscale men’s apparel and accessories retailer, was hacked on January 22, 2024. The cybercriminal was able to download its backup cloud data. The downloaded data included order information for more than seven million customers. It exposed the account information of 1.8 million registered clients, and partial credit card records of 3.5 million customers. The data was found exposed in a hacker forum.
On February 5, 2024, the Florida water system had a cybersecurity breach. The hackers were able to access Oldsmar’s water treatment system using TeamViewer, a remote access software platform. They tried to poison the water supply by increasing the lye and sodium hydroxide levels 100 times more than normal. An employee alerted the company and the levels were immediately returned to normal before any damage could happen. Company officials said the Florida water system uses a Google Chrome product while Oldsmar systems use Windows 7.
Taiwanese computer maker Acer had a ransomware attack, announced on March 21, 2024. The attacker, REvil, exploited a Microsoft vulnerability in Acer’s back-office network. The cybercriminals demanded US$50 million, which was reduced by 20 percent through negotiations. REvil stole corporate data, including customer databases with account numbers and credit limits. The corporate data was posted on the REvil group’s site, where various Acer data were put up for auction.
By industry sector, cybercriminals target the following:
- Business (any size) – 644
- Healthcare/medical facilities – 525
- Education – 113
- Banking/finance/credit – 108
- Military/government – 83
How Data Breaches Happen
When cybercriminals can access data and sensitive information, costly data breaches occur. The average cost of a single record is $146, but considering that the data lost during a breach runs in the millions, it’s a considerable sum of money. For example, 250 million IP addresses, chat logs, and email addresses were stolen in the January 2020 breach at Microsoft, which cost about $1.8 billion. In April 2024, Facebook lost 533 million names, email addresses, dates of birth, and phone numbers of its registered users. It cost the company around $3.7 billion.
Given these facts, organizations should have high-level security measures to prevent data breaches. The following are some of the things you can do.
- Asset inventory. Have a record of software and hardware assets you have in your physical and network infrastructure. Use the list to create categories and ratings around the vulnerabilities and threats your assets may face.
- Vulnerability and compliance management. Use a vulnerability and compliance management tool to identify the security misconfigurations, weaknesses, and gaps in your virtual and infrastructure environments.
- Regular audits on your cybersecurity strength. Security audits will give you a thorough assessment of your organization’s security policies and identify potential new gaps in governance or compliance.
- Security awareness training. Provide your employees with regular cybersecurity training, especially since many employees are remote working and using potentially insecure connections and devices while accessing company data.
- Policy management. Your cybersecurity solutions will work if you have a cybersecurity policy in place, wherein all employees are aware of their role in its implementation. For example, you can have each employee sign a cybersecurity policy to hold them responsible or use an enterprise security system that includes the configuration, distribution, and monitoring of your security policies.
What Can Cybercriminals Do With Stolen Data?
If they hack financial and shopping institutions, they can get your usernames and passwords, open credit and bank accounts in your name to steal your money, damage your credit, and make purchases using your credit or debit card. In addition, some cybercriminals obtain cash advances in your name and use and abuse your Social Security privileges. In some instances, they can sell your information to interested parties.
Cybercriminals can also steal intellectual property, new product plans, sensitive agreements and contracts, and other critical information to identify you, your company, business associates, and trade partners.
Best Practices to Prevent Data Breaches
Investing in a data security system is your best ally to prevent data breaches. Likewise, you can implement some best practices to ensure your protection from data thefts.
- Remote monitoring. Look for a reputable managed IT services provider to monitor your network around the clock.
- Regular data backup and recovery. Prevent the loss of data by having an automated remote backup system. When you have a backup of your data, you can recover it quickly. Some companies even have another copy of their backup data stored in an offsite location.
- Destroy materials before disposal. Use a cross-cut shredder for paper files with confidential information. Instead of just reformatting or deleting files from hard drives, laptops, and other devices, use software that will permanently wipe off data before disposing of old devices.
- Protect physical data. Human errors can lead to data breaches. If you store many physical files, store them in a secure location and limit access to authorized employees.
Recovering From a Data Breach
An organization must always be ready with a data breach response plan headed by a data breach response team.
- Isolate the affected machines and systems from the network. Check other systems that may be connected and repeat the process. Create forensic copies and document all activities.
- Implement rotation of credentials such as encryption keys and passwords. Work with the system owners to ensure that system-to-system communication still works. Have experts clean and rebuild the system at the server level. Security experts can update systems, install patches and do data analysis.
- Increase your monitoring while you rebuild the compromised server. Then, if there is another wave of attack, you will be ready for it.
- Communication is critical after a breach. Your legal department or outside counsel should handle the communication with your organization, your users, and your customers.
Protecting your organization from a data breach is a continuous process. Implement a layered approach. First, you should have a data security management system in place. Second, every organization member must have regular data security awareness training and know their responsibilities to protect virtual and physical assets. Finally, work with an expert cyber security service provider to improve your cyber protection.