The digital era has come with its fair share of scams with data breaches being the most prevalent. This problem is an everyday occurrence all over the world. In layman’s terms, a data breach is an incident where data gets disclosed without authorisation – whether it be data at rest, data in transit or data in use.
Modern-day data breaches include, but are not limited to, access to personal information such as credit card numbers, social security numbers, education backgrounds, medical history and the list goes on and on. Companies are a major target for hackers in search of corporate information such as a customer’s numbers, bank account details, software codes plus trading secrets amongst other items.
Data breaches are as harmful as they get. Private information such as images and videos can cause serious harm when leaked to the internet. Companies face fines and other civil litigations due to breaches by hackers or disgruntled ex-employees. It’s reported that the first six months of 2019 saw 3,800 publicly disclosed breaches with over 4.1 billion records compromised. The breaches were widespread targeting government agencies, healthcare, education and social media platforms such as;
This breach occurred between 1st August 2018 to 30th March 2019. A hacker gained access to the American Medical Collection Agency system that had been conducted by Quest diagnostics. 11.9 million confidential records were compromised that contained medical information and financial information such as credit card numbers and personal information such as social security numbers.
Capital one suffered the largest breach in bank history between 12th March to 17th July 2019. A former software engineer was able to gain access to a cloud-based server and steal data from over 100 million bank applicants.
The First American corporation is the largest real estate insurance company in the US that had 885 million confidential records exposed. Brian Krebs, an American journalist, reported that the first American leaked hundreds of millions of documents. The documents included bank account numbers, statements, tax records, social security numbers, wire transactions, plus driver’s licenses images dating back to 2003.
On 20th May 2019, personal data of Instagram influencers such as celebrities, bloggers, musicians, and comedians were scraped and stored on an unsecured database. It’s reported that the hackers were from Mumbai, India.
Over 1.5 billion Whatsapp users had their data breached on 15th May 2019. The breach allowed hackers direct access to their phones by simply calling them. Data was still accessed even if the victim chose not to answer the call. Word had it that the malicious code was from a private Israeli company called NSO Group.
FEDERAL EMERGENCY MANAGEMENT AGENCY(FEMA)
In March 2019, the Federal Emergency Management Agency exposed over 2.3 million records as reported by the office of the inspector general. The agency violated the privacy Act by releasing sensitive information of the hurricane Harvey, Irma, and Maria survivors. This information was given to its contractors which was beyond what they needed to confirm survivors’ eligibility during the check-in process for shelter.
US & SOUTH KOREAN
On 29th May 2019, some hackers apparently from Russia managed to steal over one million credit cards from US and South Korea residents. This hack was first discovered by security researchers browsing the dark web. The hacking had gone on for some time undetected as the data on the dark web was in Russian while the affected areas were the US and South Korea.
Given all this, companies have come up with new tools to combat security breaches. The first tool for preventing data breaches is to educate the general public on the value of protecting their personal information. People need to secure their accounts with passwords to ensure unauthorised persons cannot come into contact with their information. Always remember to log-out of your computer especially when using computers in public domains.
The second tool is the use of data encryption. Encryption is a security method that encodes information that can only be decrypted by a user with the correct encryption key. Security firms are strongly advocating for encryption to ensure people’s data are safe when processing and sharing. Encrypted data known as cypher text in the digital world, appear as scrambled or unreadable to the hacker trying to access the information without permission.