Data leaks occur whenever a user or organization has their sensitive information exposed, putting the security and privacy of companies and people at risk. Know more!
The Data Breach Investigation Report 2022, conducted by the Ponemon Institute, provides an overview of data breaches occurring in 2022 in 17 countries and regions and 17 different industries.
To produce it, more than 3,600 people from companies that suffered leaks were interviewed, which made it possible to gather some relevant information.
According to the study, 83% of companies surveyed had more than one data breach. In addition, 60% of leaks resulted in higher prices being passed on to customers and the average cost of one of these events was US$4.35 million.
In this article, we are going to talk more about data breach and address its main causes. To facilitate your reading, we have divided our text into the following topics:
1. What is a data breach
2. What are the 5 common causes of data breach
3. Examples of data breach
4. What are some common types of violations
5. How to prevent data leakage
6. About senhasegura
7. Conclusion
Enjoy your reading!
1. What is a data breach
A data breach happens when a person or organization has their confidential information exposed due to security breaches, creating risks for the companies and people affected.
When this occurs, the organization needs to notify the control authority soon after learning of the occurrence, in the shortest possible time, in addition to the people who had their data compromised.
If the company is a subcontractor, it is also necessary to notify the person responsible for processing this information.
2. What are the 5 common causes of data breach
The main causes of data leaks are:
Insider threats due to misuse of privileged access
Weak and stolen passwords
Malware
Social engineering
Exploitation of software vulnerabilities
Learn more about each of them:
Insider threats due to misuse of privileged access
Within an organization, employees have privileged access to sensitive data and may misuse these permissions, intentionally or unintentionally.
This can happen in a variety of ways and for a variety of reasons, whether it’s selling information on the dark web, sabotage due to dissatisfaction at work, or simply losing a device with access, such as laptops.
Therefore, it is advisable for companies to adopt the Principle of Least Privilege, according to which each user has only the necessary access to perform their functions. In this way, in the event of a leak, damage to the IT environment is limited.
Weak and stolen passwords
One of the main causes of data leaks is the use of weak or reused passwords, which facilitate credential theft.
The use of weak passwords occurs because many people rely on predictable patterns like ?123456?. The reuse of passwords is a practice adopted due to the difficulty in memorizing a large number of complex accesses.
As a solution, we recommend the password manager, which allows you to store all your passwords, requiring the use of a single set of credentials to access them.
Malware
Malware is malicious software used by cybercriminals to exploit one or more potentially connected systems.
There are several types. One of them is ransomware used to encrypt data or block a computer’s resources and demand a ransom payment in exchange for releasing that machine or system.
To avoid malware infection, it is important to be careful when accessing suspicious websites or opening emails.
Social engineering
Social engineering is also among the leading causes of data leaks. In this type of attack, malicious actors manipulate their victims into sharing confidential information or taking actions on their behalf.
A tip to avoid attacks of this nature is to always be suspicious of promises that seem too good to be true.
Exploitation of software vulnerabilities
Malicious actors can exploit software vulnerabilities in a number of ways. As such, it is important that exploits are found and addressed by the organization before they are identified by hackers.
When a vulnerability is fixed, the software provider releases an update patch that must be applied by the company. This must be done immediately in order to avoid exposure to the threat.
3. Examples of data breach
Below are examples of the main causes of data breaches:
Major data breach caused by misuse of privileged access
Recently, there was a privilege leak at Uber, allegedly caused by the misuse of permissions. The attacker is believed to have purchased the password from an Uber professional on the dark web after his personal device was infected with malware, exposing his data.
The contractor would have received two-factor login approval requests and granted access to the hacker.
This social engineering technique is known as an MFA fatigue attack and consists of bombarding users’ authentication application with notifications to get them to accept and allow access to their accounts and devices.
Massive data breach caused by the use of weak and stolen passwords
A single stolen password prompted a hack attack against U.S. pipeline operator Colonial Pipeline in May 2020.
It is believed that this was possible because the corporation used an old virtual private network (VPN) system that did not have Multiple Authentication Factor, requiring only a password to access its resources.
Massive Data Breach Caused by Malware
New Mexico’s largest county was the target of a ransomware attack in early 2022, which left several government offices and county departments offline.
This attack disabled the security cameras and automatic doors at the Metropolitan Detention Center and due to failures in the electronic locking system, inmates had to be confined to their cells.
Massive data breach driven by social engineering
Between 2009 and 2011, American tabloids were reported to have hired hackers to find out news about their targets, who ranged from movie stars to ordinary citizens, by intruding on their cellphone voicemail.
For this, various social engineering techniques were used, including the pretexting scam, which refers to lies invented by cybercriminals to request information from users.
Major data breach caused by exploiting software vulnerabilities
In this topic, we did not bring an occurrence, but one of the great examples of software vulnerability that can generate data breach: Log4Shell.
Log4j is a computer program developed and used to record activities that occur in various systems, including errors and routine operations. Log4Shell happens when using a certain feature in Log4j, which makes it possible to define a custom code to format a log message.
Through this feature, it is possible to register the username, related to the attempts to login to the server, and its real name, if a separate server has a directory that associates usernames and real names.
Thus, Log4j ends up allowing malicious attackers to send software code that can perform all kinds of actions on the victim’s computer, opening loopholes for numerous threats, including data breaches.
About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Senhasegura
Senhasegura strive to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.
