The Truth About Data Breaches

“When flimsy cyber defense fails, Format Preserving Encryption prevails”

-James Scott

Data breaches, as the name suggests is the leakage of data unintentionally or intentionally to a potentially untrusted source. Confidential and secured data might get stolen, copied, and used by an unsanctioned person. The type of data that gets breached out include, but not limited to, bank account details, personal health information, government data files, corporate information, software source codes and other personal data.

Trends of data breaches

Now a days, data breaches mostly occur online. The highest number of incidents of data breaching are from one single social networking website which is called Facebook. Millions of Facebook accounts get hacked and the data is stolen from them. The breaches are also made public in order to threaten the users. The company was fined 4% of its annual profits.

Another major data breach occurred in 2018, Cathay Pacific, an airline in Hong Kong was made the target of breaching. The company admitted that information such as passenger’s names, credit cards information, and passports were leaked. The company’s CEO, Rupert Hogg made a statement saying, 

“We are in the process of contacting affected passengers, using multiple communications channels and providing them with information on steps they can take to protect themselves, we have no evidence that any personal data has been misused. No-one’s travel or loyalty profile was accessed in full, and no passwords were compromised.”

Uber also faced a cyber-attack of data breaching in September 2018. The company paid over $100,000 to hackers to delete the data of passengers and drivers respectively. A similar service like Uber, called Careem which operates in Pakistan faced a similar cyber-attack.

British Airways also faced data breach in August and September. Passenger’s personal and financial information was stolen. The CEO responded to the attack saying, 

We’re extremely sorry. I know that it is causing concern to some of our customers, particularly those customers that made transactions over and app, we discovered that something had happened but we didn’t know what it was so overnight, teams were trying to figure out the extent of the attack.” He continued saying, “The first thing was to find out if it was something serious and who it affected or not. The moment that actual customer data had been compromised, that’s when we began immediate communication to our customers.”

The data breaches have affected so many major companies worldwide and this doesn’t stop here. The data breach can occur in hospitals too. For example, viewing the computer of a doctor by an assistant to steal a patient’s information is also data breaching. Taking someone else’s phone or flash drive and copying data, such as their pictures, is also known as data breaching.

How does data breaching actually happen?

The data breaching can occur in a lot of ways. In personal accounts, data can be stolen by hacking into the account, this might be due to the account having a weak password which is fairly easy to break. Moreover, data can be extracted from a stolen phone or laptop as well. In addition, the missing software patches also serve as being vulnerable. Malware infected into the computer systems and also give the hackers confidential information, this may be done by the help of phishing emails or apps.

Chris Hauser, a Travelers Cyber Fraud professional and former FBI agent working for cyber investigations says, “Computer attacks are not magic, they are a series of discrete attacks taking advantage of certain vulnerabilities.”

So basically, data breaching occurs when there is something vulnerable and that can be attacked by the hackers. In order to stay safe from data breaching, a number of safe computing tips should be following by each one of us. And in case of a threat, contact a cyber-security professional immediately and report the incident as soon as possible.

“BYOD must evolve from ‘Bring Your Own Devil’ to ‘Bring Your Own Defense’ associated to security probation and monitoring.”

― Stéphane Nappo

This site uses Akismet to reduce spam. Learn how your comment data is processed.