How 5 Massive Data Breaches Could Have Been Prevented

In 2018, company data breaches cost victims around the world an average of $3.86 million. Even more costly than cybersecurity investigation is the amount spent cleaning up the mess: notifying customers, paying the government and legal fines, smoothing over the bad PR, and so on.

Data breach is a broad term that applies when sensitive data is released to untrusted sources through hacks, leaks, or other means of losing or exposing the data. A data breach comes with dire consequences for companies, such as the loss of important data, the exposure of sensitive company information, or a third party’s use of the data for nefarious purposes. That’s not even to mention the long-term ramifications like the costs mentioned above, as well as the damage wrought on brand image and customer trust.

Data breaches can be caused by dozens of different things, including theft of devices containing sensitive information, payment fraud, unintended disclosure by employees, or deliberate internal attacks.

Company data leaks are happening all the time, and even major breaches occur dozens of time each year. Security Boulevard reported earlier this week on the AWS Instaleek, in which the personal data of nearly 50 million Instagram influencers were leaked by the Indian marketing company Chtrbox. As a result of the leak, private email addresses and phone numbers of celebrities, bloggers, and other influencers were made public.

Data breaches like this one have a long and complicated history — and they only become more common every year.

The chart above from Statista shows the huge extent to which the number of data breaches has grown since 2005, with 157 breaches in 2005 and then 783 breaches in 2014. Just three years later, that number more than doubled to become a whopping 1,579 leaks in 2017.

The Chtrbox Instagram breach isn’t the only one in recent history (in fact, there are at least dozens more). David McCandless’s illustration above highlights the biggest data breaches since 2009.

Here are some specific examples of recent data breaches so that you can learn from other companies’ mistakes and get a better idea of how to prevent these kinds of leaks in your own organization.

A data breach on Sweden’s healthcare hotline Vardguiden left 170,000 hours of sensitive medical calls stored on an open web server without encryption or authentication. The medical data of 2.7 million people were exposed as a result.

In November 2018, the personal data of Starwood Hotels customers was leaked. The breach affected 383 million customers, and highly sensitive details such as credit card and passport information were leaked.

A Twitter breach affecting 330 million users occurred in May 2018. The glitch caused some users’ passwords to be stored internally in readable text, leaving many personal accounts open for access.

The Facebook data breach in March 2018 continues to go down in history as the most infamous security incident in recent years. Cambridge Analytica, headed by Steve Bannon, harvested the profiles of 50 million Facebook users in order to target US voters and influence the 2016 election.

In September 2017, a data breach occurred at Equifax, a major credit reporting agency in the US. As a result, the personal information of 143 million Americans was exposed.

We can use examples of data breaches like these to learn from other companies’ mistakes. Of course, data breaches are not 100% preventable — leaks often occur without an organization’s knowledge, and many can take months to detect. But that makes it all the more important for companies to put in place strategies for detecting breaches, containing them before the situation gets worse, and resolving the situation with as little damage as possible.

There are several best practices to prevent and minimize data breaches so that you don’t end up experiencing a situation like the companies above. These best practices include:

Defense systems should be upgraded to be able to respond to the latest threats. Hacking strategies evolve constantly, and an effective security tool needs to automatically detect and block all unauthorized or suspicious traffic.

The security of organizational systems must be reviewed constantly. A cybersecurity platform shouldn’t be put in place only to be ignored after installation. Companies should regularly scan for system vulnerability and take seriously any alerts or other concerns.

Companies should consistently conduct penetration testing — simulated attacks against their own system — to detect potential vulnerabilities. This is an effective way to catch and patch vulnerable spots and fine-tune an organization’s security strategy.

Data leaks are often the result of internal breaches, whether deliberate or unintentional. Train all staff in how to identify and report suspicious internal activity, respond to engineering attacks, and manage their devices safely and confidentially.

Every organization should have a response plan in place that they can proceed with immediately after detecting a breach. Security staff must keep an up-to-date record of all threats and have an established, methodological approach in the event of a security incident.

By implementing these best practices, companies will be better equipped to detect and prevent data breaches — and to handle them with far less damage even when they do occur.

A strong cybersecurity strategy needs to have measures in place for detecting, managing, and resolving data breaches. By developing a better understanding the growing threat of data breaches, the types of breaches that occur, and the mistakes companies have made in the recent past, we are better equipped to develop a robust cybersecurity strategy that prevents against these kinds of disasters from happening again.