Unnormalized Data Breach

A recent study shows that in 2022 there are at least 30,000 websites being hacked worldwide every day. Businesses are even more vulnerable to these threats but why is it that every time we see it on the news, it feels normal for it to happen continuously?! Is it okay to let it be?

The history of data breaches has gone way back to when the Internet and dot com era first came around, with similar methods of stealing records and demanding ransom in exchange. The first major data breach ever recorded in history happened in 1984 when over 90 million Americans had their credit histories exposed. And soon then, data breach occurrences grew larger in scale with millions to billions of confidential information and ransom to threats varies from money to cryptocurrency in the recent trend. 

The data breach has now become the normal headline news, it’s either we see it too often or not realizing that it happened too often. Living in the era of digitalization has made all information easily accessible especially businesses storing more data on cloud servers but it also certainly made data breaches a lot easier to compromise. On the other hand, hackers became more sophisticated and criminals gained better recognition of the value of the data. These attacks not only target businesses or institutions, but also specific individual and governmental positions… And even you might be one of the targets!

In recent news, Optus announced that it had become the subject of a massive data breach and the target of a “sophisticated attack” with more than 10 million customer accounts exposed publicly and the alleged attacker demanding a ransom of US$1 million in cryptocurrency. Breached data have been revealed to contain countless details of crucial data from customers such as names, email addresses, phone numbers, dates of birth, identification numbers including passport numbers, and driver’s license numbers. The attack happened through the application programming interface (API) by Optus made available online that did not require authorisation or authentication process to access the customer data. Hence, anyone on the Internet with the knowledge could compromise.

Even major corporations have tightened and updated their cybersecurity to act as a preventive shield, so why is it still happening?

Unfortunately, the nature of data breach is essentially “targeting” and “threatening” the weak points of the network – vulnerabilities. Sometimes the process of a data breach isn’t just directly attacking the core web, but instead through employees. Hackers tend to follow a basic pattern by targeting an organization, planning the method to enter, researching vulnerabilities, and developing action. When a target’s weak credentials are spotted, it’s just as simple as sending a fake software update, spam emails, and phishing ads to attract the “click”.

In most cases, data breaches aren’t simply just stealing data but the effect could last for other issues that could put danger to the reputation, finances, and secret state affairs. Real damages are possible and devastating effects will follow. For many major businesses, they are remembered by the data breach itself rather than their actual business operation such as Yahoo, Target, Equifax and many other companies to follow.

Knowing the purpose and methods behind the data breach issues are not solving problems, so what can businesses actually do?

Like the wise quote said, saves a stitch more than a nine. Learning how to securely build a preventive shield and manage the value of data, it enhances double protection for businesses from attacks and breaches. And here are some ways to make sure your business is well-equipped so the worst doesn’t happen:

• Have a risk management program in place

• Create an incident response plan

• Update software and passwords

• Use point-to-point encryption (P2PE) and tokenization solutions

• Adopt vigilance at every level of the organization

Even in this right second, you’re reading, data breaches are happening live around the globe to small and big companies. News regarding data breaches has somewhat become part of our daily lives as we see it too often or it happened too much, but letting it be isn’t a solution it would just stop on its own. So, let’s unnormalize this habit and instead take an active reaction to this action by encouraging and educating people to stay alert. You can never be too cautious!