It’s no secret that organizations around the world are struggling to keep their most prized assets under lock and key. One report claims 2022 was a near-record year in the US for data breaches and incident reports have already soared 114% between the first and second quarters of this year. However, every so often a series of incidents comes along which serves as a reminder of the range of risk factors enterprise security teams need to deal with.
Three recent breaches all had different causes but the same end result: reputational and financial damage for the organization in question. It’s time we worked harder to mitigate this surging risk, by applying strong protection measures to what matters most: enterprise data.
What happened recently?
The three incidents were publicized just days apart. Yet they affected very different organizations:
Tesla: A data breach notification letter posted to the Office of the Maine Attorney General confirmed an incident impacting nearly 76,000 employees, after two former staffers exfiltrated 100GB of data and shared it with a German newspaper earlier in the year. In the trove were personally identifiable information (PII) on the employees, plus highly sensitive documents detailing car defects. Although the newspaper said it won’t publish the PII, the incident may already have had a reputational impact on Tesla.
The Police Service of Northern Ireland (PSNI): The PSNI suffered what some have described as the worst data leak the UK has ever seen, when an employee accidentally uploaded highly sensitive details on serving officers in response to a Freedom of Information (FOI) request. The Excel spreadsheet they published online was subsequently posted to an FOI website for several hours before being taken down. It contained the surname and initials of every employee, their rank/grade, where they are based and the unit they work in. This included sensitive areas such as surveillance and intelligence, including undercover operatives. One man has already been charged with terrorist offenses after the spreadsheet was found on his phone at home.
Discord.io: The third-party Discord service provider was forced to cease all operations after a threat actor put a database of 760,000 users’ data up for sale on the dark web. Among the information stolen were usernames, Discord IDs, email and billing addresses and salted/hashed passwords. The firm said the incident came about after the threat actor exploited a vulnerability in its website’s code. The information could be used by fraudsters to craft convincing follow-on phishing attacks.
What you can do
The incidents highlight the range of data breach risks facing organizations. It could come from unscrupulous employees with an axe to grind and privileges to access sensitive data. It could be a genuine mistake from a negligent staffer. Or it could be an external threat actor capable of bypassing perimeter defenses, by exploiting bugs in web applications or using stolen credentials to impersonate legitimate users.
No matter how it happens, breaches are inevitable today. The attack surface of most organizations is simply too broad to protect with 100% certainty. And humans will always be a weak link in the security chain. The answer is always the same: apply strong data-centric security to protect the information itself. This will ensure that, whether it’s stolen or accidentally leaked, no one will be able to use it. That in turn minimizes financial and reputational damage and keeps regulators happy. This is what comforte’s Data Security Platform was built for.
