Given the value placed on data in this age, breaching systems to cause data leaks is unsurprisingly the mainstay of malicious cyber actors today. And businesses are still grappling with this reality and leaving their defenses open despite the spate of rising data leakages and breaches globally.
Understanding the common causes of data leaks is crucial for implementing effective cybersecurity measures. In this article, we explore five of the prominent causes, highlighting how they occur as well as examples to demonstrate the pervasiveness of data leaks.
Software Misconfiguration
Despite the apparent danger, many individuals and organizations leave default passwords unchanged. This is just one example of how misconfiguration of settings can allow attackers to infiltrate systems, databases, cloud services, applications, etc.
At other times, a misconfiguration can occur when a program’s settings do not align with the organization’s security policy, and so permits unintended behavior.
This is basic cyber hygiene, but even big tech companies can leave certain things out.
Back in 2021, for example, Microsoft made the news for the wrong reasons when 38 million customer records, including sensitive information, were exposed online due to a misconfiguration of its Power Apps portal service.
In particular, organizations should be careful when migrating services or data to cloud environments: misconfigurations are common during migration and can arise simply from not following or not understanding the instructions.
Ransomware
According to a recent report on the state of ransomware, global ransomware attacks surged in the past year and recorded an all-time high.
Amidst these, the US is the biggest victim, suffering 43% of global recorded attacks, with zero-day exploitations by malicious actors playing a huge role in the increase in attacks.
So, ransomware attacks are not only growing in number but also in sophistication. And for this, organizations have to heighten their vigilance to prevent data leaks.
Notably, DISH, the satellite broadcast company, was hit by a ransomware attack in February. The attack led to significant outages in its internal servers and IT systems and leaked personal information belonging to about 300,000 people.
But this is only one of the several ransomware attacks that have hit various organizations and facilities.
Data Theft
Over the past few years, insider attacks have become a growing concern, with malicious insiders a particular worry for data theft.
Such concerns contributed to the development of zero-trust cybersecurity solutions since anyone can be a malicious insider, with greater risks assigned to privileged users with access to sensitive information.
This is not to rule out the role of external elements in data theft, though. A German newspaper, earlier this year, ran a report detailing a myriad of safety concerns expressed by Tesla customers.
According to the electric car company, the confidential data provided to the newspaper was stolen from its system, although it couldn’t tell whether an insider was responsible or an external actor.
Third-Party Breach
Third-party breaches have become a particularly beneficial mode of attack for malicious actors because of the potential of acquiring several victims from just one hit. For instance, according to a third-party breach report, in 2022, 63 vendor attacks led to 298 data breaches across companies.
In January, two insurance companies – Aflac and Zurich Auto Insurance – suffered a data leak that affected millions of records including the information of at least 2 million policyholders with the two companies combined.
According to reports, an unnamed US subcontractor was involved although it was not certain that both data breaches were connected.
This shows the cascading effects of third-party data breaches and underscores why organizations must stop at nothing to ensure that they only partner with companies and vendors that have strong security protocols in place.
Software (API) Vulnerability
APIs were a groundbreaking revelation in software development, but their proliferation has exacerbated the risks of data exposure since sensitive data is increasingly being shared via this medium.
So, API vulnerabilities, such as broken authentication, can easily jeopardize the software’s security and allow malicious actors to access data illegally.
An API vulnerability in Twitter’s software allowed threat actors to steal the email records of over 200 million users. Although this happened back in 2021, and the breach was fixed in January of the following year, by mid-2022, the data sets started going on sale on the dark web and were eventually published for free.
Email data are typical targets for phishing and social engineering attacks.
How to Prevent Data Leakage
Preventing data leakage is not an impossible task, although, due to the increasingly sophisticated nature of cyber attacks these days, it can be very tough to handle. However, these few steps should help you overcome the most common causes of data leakage.
- Implement a strong data detection and response solution: Unlike traditional data loss prevention systems, DDR solutions prioritize behavioral analytics and real-time monitoring via machine learning to automatically identify and respond to data incidents.
- Evaluate third-party risks: Working with a third party, especially when it involves exchanging data, can no longer be business as usual. The risks of your partners are yours too, so you must know where both companies stand and how you can complement, not endanger, each other, security-wise.
- Secure all endpoints: There has been a huge increase in the number of remote access points that communicate with business networks. They are also dispersed, sometimes internationally. Adopting a zero-trust approach helps prevent endpoints from becoming an entry point for attacks.
- Cybersecurity hygiene: As identified earlier, data leakage can simply be due to unhygienic practices. Methods such as encryption, data backups, password management, etc. are not outdated; they should all be in place to help you maintain your guard.
Conclusion
Proactive measures, regular security assessments, and a comprehensive cybersecurity strategy are key to mitigating the risks associated with data leakage. As we have seen from the examples, every kind of business, even the biggest tech companies, suffers from this challenge. Therefore, data security is something that all business leaders must take seriously from now on.
