High-profile Data Breaches: the Controls That Could Protect You

Data breaches can have far-reaching financial and reputational impacts on your business.  Without proper attention to detail and the implementation of risk mitigation controls, a small security gap can be the cause of a massive data breach.

In this blog, we’ll bring you some up-to-date information on some recent high-profile data breaches and suggest risk mitigation controls to help you protect yourself from the devastating effects of a data breach.

As we dive into the topic, you’ll get answers to some commonly asked questions:

• What are some recent high-profile data breaches?
• What causes a data breach?
• What controls prevent data breaches?

What are Some Recent High-Profile Data Breaches?

ChatGPT

The web can’t seem to get enough of ChatGPT, and it seems that hackers have also been eyeing the new AI bot. In March of this year, OpenAI published a report following reports of personal user data exposure in the ChatGPT interface and explained that a vulnerability in the Redis client open-source library caused the bot to expose the personal data of other users, including queries, subscriber’s name, email addresses, payment addresses, and limited credit card information. 

US House of Representatives Healthcare Breach

A Washington DC healthcare provider that handles sensitive data belonging to hundreds of House of Representatives members was impacted by a significant data breach in March. Account information and PII were stolen, and the data was put up for sale online. The FBI is investigating.

Atlassian

The Australian software company Atlassian suffered a serious breach after hackers used stolen employee credentials to extricate data from a third-party app named Envoy.  The attack was carried out by a group known as “SiegedSec.” The stolen records of thousands of company employees were leaked online. The stolen data included JSON files with employee information and two area plans of Atlassian offices.

“THATS RIGHT FOLKS, SiegedSec is here to announce we have hacked the software company Atlassian,” the hacking group posted along with the stolen data. “This company worth $44 billion has been pwned by the furry hackers.”

Reddit Data Breach

Reddit suffered a data breach on February 5, 2023. After obtaining the credentials of the targeted employee, the attacker gained access to some internal docs, and code, as well as some internal dashboards and business systems. The breach did not expose Reddit user data and only impacted “limited contact information” for company contacts and employees, as well as limited advertiser information.

Optus

In September 2022, Australian telecoms company Optus, with over 9 million customers, suffered what may be described as the worst data breach in the history of Australia. According to reports, names, dates of birth, phone numbers, and email addresses may have been exposed, while a group of customers may have also had their physical addresses and documents like driving licenses and passport numbers accessed. The massive breach highlighted the weak status of Australia’s cyber posture as compared to the rest of the world and is expected to usher in stricter regulatory oversight.

How To Protect Your System From the Next Breach

The prevention of data breaches requires the awareness of all players in a company, from end users to IT personnel. To stop data breaches or leaks, it is crucial to focus on preventing unauthorized access. Unauthorized access can be a result of weak passwords, social engineering, misconfigured accounts, or malware. 

These recommendations are a good start to protecting you from data breaches.

• Patching and updating software 
• Data encryption for sensitive data.
• Strict  BYOD security policies
• Strong credential requirements and multi-factor authentication
• Employee training and education (you could’ve written this one on your own)
• Prioritize data according to risk level on a data breach risk matrix

The Challenge of Security Breach Protection 

In general, as technology continues to proliferate to our benefit, threat actors are becoming more tech-savvy and creative as well. They’re stealing more information, using extremely sophisticated methods, and accessing more devices on the ever-expanding attack surface.

The number of internet-connected devices has well surpassed the world’s population. This massive attack surface comprised of billions of endpoints, coupled with remote work arrangements and third-party risk, is one of the main factors contributing to a higher risk of exposure to data breaches. 

Protecting a single entry point is no longer sufficient because of the abundance of internet-connected gadgets and apps. Attackers are getting better at putting disparate pieces of information together to provide a more complete picture of a target’s life. They might possess leaked data from a credit card, GPS data from a cell phone, and images they’ve downloaded from social media. When they put it all together, savvy attackers can find out a lot about their target’s personality, family, and daily routine—and use that information to take advantage of their target’s weaknesses.

To date, there’s no clear-cut, straightforward way to ensure data breach mitigation. Instead, organizations need to implement a multi-pronged approach to make sure their digital assets and sensitive data are protected from breach.

The Controls You Need To Prevent Data Breach

Below is a list of data breach controls and best practices to keep your system safe.

Identify and Classify Data

The most sought-after commodity in the hacking industry is the data you create and store on devices. But all data is not created equal. To more efficiently protect your data, it is important to determine which data is critical to your organization. This is one of the foundational features of data loss prevention tools. As data is created, modified, stored, or transmitted, the classification can be updated.

Access controls should be in place to prevent unauthorized users from altering classification levels. For example, only privileged users should be able to downgrade critical data to a lower classification. An access control list (ACL) is a list of who can access what data and with what permissions. It can be an internal part of a general operating system or specific to an application. For example, a custom application might have an ACL that lists which users have what permissions in that system. ACLs can be based on whitelists or blacklists.

Third-Party Risk Management

With the migration of the digital world to cloud-based services and the proliferation of outsourcing, it is critical to assess the security of your supply chain using third-party vendor assessment tools and CSA self-assessments before granting access to data classified as sensitive corporate information.

Data Encryption and Backups

Encryption and repeated backups will keep your intellectual property safe in the event of a breach and avoid data loss.

System Hardening

• Securing the OS

The first step to securing a system is to ensure that the operating system’s configuration is secure and up-to-date. Out of the box, most operating systems come with unneeded services that give attackers access to security flaws. Unnecessary services should be removed to avoid lurking attack vectors.

• Password Policies and MFA

Strong password policies and multifactor authentication ensure that your system is better fortified against the risks of data breaches.

• Rigorous threat and vulnerability management strategy

Ensuring that all operating systems, applications, and software in your IT environment are patched and uncorrupted is essential for data loss protection. While antivirus and EDR solutions are automated, patches for critical infrastructure need to be constantly updated and in line with new threat vectors and vulnerability research. Vulnerability scanning software allows security teams to visually analyze and patch data flaws, conforming to the most up-to-date versions and identifying out-of-compliance devices. 

Education, Education, Education

Above all, awareness training is a vital component of your control strategy. The most advanced security controls are headed straight for disaster without user awareness. Employee training is arguably the most effective defense against the risks of data loss, and statistically more breaches have been attributed to human error than to any other cause. Compliance and acceptance of security policies and procedures can be encouraged by training webinars, periodic emails, and test phishing attempts. 

The Outlook for 2023

With 2022 and its data breaches behind us, there is growing awareness of the havoc wreaked by data breaches. Many organizations are implementing segmented practices to prevent breaches. But these disparate tools can only do so much. To holistically protect your data and maintain strong control of your system, a comprehensive tool that gives you full visibility into your risk is essential for centralizing all data loss prevention tasks.

Centraleyes’ cutting-edge platform combines risk-based compliance with industry standards in a user-friendly environment while providing vulnerability scanning updated with the latest threat vectors. Feel confident that your system is strongly developed and has the cyber maturity that it needs to weather the threats it faces in 2023.

Book a demo today!