Lessons Learned: Keeping Information Safe
Data security breaches are an increasingly common headache of the digital age, but they offer some great insights into best practices for keeping sensitive information safe. It is easy to see that, as the digital revolution progresses, most of us live a significant portion of our lives online – and with it, our data. With increasing reliance on technology to store information and process transactions, data breaches can affect names and addresses, social security numbers, credit card numbers, and even health information. Data breaches have affected corporations, government agencies, social media platforms, financial institutions, and more. A critical part of security is creating better solutions to security issues to stay one step ahead of those who would use others’ data for their own personal gain.
Here we examine some of the most recent well-known data security breaches and determine what lessons we can learn to prevent similar breaches in the future:
- Marriott International: In March 2020, Marriott International announced a large data security breach affecting over 5 million guests – and, unfortunately for them, this was the second large-scale breach of their systems in recent memory. Hackers obtained access information for two employees, and used that information to access millions of guest records.
Our Lesson: Multi-factor identification and monitoring for unusual behavior are critical to data security. Multi-factor identification ensures that having a password alone won’t grant access to sensitive information, and security systems that monitor for unusual behavior would quickly flag any account suddenly accessing millions of customer records.
- Zoom: In April 2020, Zoom fell victim to a massive data breach with the number of affected users still climbing. Hackers used a common technique called credential stuffing to test over 500,000 passwords and gain access to a large number of accounts, obtaining not just personal information but also meeting location links.
Our Lesson: Always use unique passwords to prevent data breaches. This is something that many users struggle with, and we recommend using password managers to help create a safe storage location for critical security information.
- Twitter : In July 2020, Twitter made headlines when a large number of high-profile accounts were hacked to promote bitcoin. As part of this breach, accounts of well-known personalities from Elon Musk to Barack Obama were used to reach over 350 million users and ultimately swindled $120,000 worth of bitcoin through at least 300 transactions.
Our Lesson: Train your employees in cybersecurity. Although still under investigation, it appears that employees of Twitter were targeted by phishing attempts in order to obtain critical security information. Especially in the work from home settings prompted by the current pandemic, employees were left to their own devices in a comfortable, less secure setting, and opportunists took advantage of that.
Data security is something we can and should all learn about to prevent breaches like those discussed here. It is imperative that not just organizations but also users understand the importance of basic security measures and regular security updates. As long as there is money to be made from stolen data, hackers will be racing to beat modern security measures – and if we want to keep our data secure, it is our duty to stay one step ahead.