How To

Data Breaches That Occurred in 2019 and How Cybersecurity Frameworks Can Work To Prevent Them

Data breaches are expensive. A company that suffers a data breach will spend about $4 million to recover lost information and shore up their defenses. Data breaches cost more than money. A company’s reputation is often at stake after such an occurrence.

What can cybersecurity do to detect and prevent these costly attacks? When implemented correctly, it can reduce the likelihood of an attack by a great margin. These data breaches that occurred in 2019 emphasize the need for cybersecurity frameworks.

  • Blur – this company offers password management and protection service. Ironically, one of its servers was left unsecured, exposing the names, password hints, IP and email addresses of 2.4 million users
  • Fortnite – this popular game has over 200 million users. Cybercriminals could use multiple vulnerabilities in the game’s online platform to view players’ personal information and eavesdrop on their conversations
  • Alaska Department of Health & Social Services – cybercriminals attacked the Alaskan division of public assistance and got access to the identities of 100,000 people who had applied for government assistance
  • Dunkin’ Donuts – hackers gained access to the popular company’s accounts related to members of the DD Perks awards. They proceeded to sell the awards on the dark web. The breach was enabled by credential stuffing.
  • Facebook – a security vulnerability on Facebook’s platform gave hackers access to about 50 million accounts. This hack was enabled by access tokens, which allow users to stay logged in on their devices. Due to the hack, affected users had to log in to their accounts afresh.
  • Whatsapp – hackers exploited the messaging app’s voice call feature to install surveillance software on users’ phones. The breach affected 1.5 billion users from all over the world. The spyware had access to users’ microphone, camera, email, and messages.
  • Instagram – a database containing the contact information of 49 million users was left exposed. The majority of the information was that of influencers, celebrities, and corporate accounts.
  • Quest Diagnostics – financial information and social security numbers of 12 million patients were exposed in a data breach. Hackers gained access to the payment portal of one of the company’s vendors.
  • Los Angeles County Department of Health Services – due to a phishing attack on a contractor for this department, personal information for about 15,000 patients were exposed.
  • DoorDash – a third party vendor for this food delivery service was hacked, revealing contact details of about 4.9 million users of the platform.

Cyber attacks are becoming frequent and sophisticated. You may be able to identify one attack and miss the next one. A solid cybersecurity framework deals with data breaches comprehensively. It does so by:

  1. Securing passwords

This is the most basic form of protection. Cybersecurity knowledge will prevent criminals from gaining entry and changing passwords. It requires that you use unique, unpredictable passwords. You will also enable two-factor authentication on all platforms.

  1. Creating backups

Having a backup of important data on an external hard drive mitigates the loss that often comes with a data breach.

  1. Securing wireless networks

Whether at home or your business, wireless networks can be hacked. Setting strong passwords is one way of keeping cybercriminals away from these networks. Wi-Fi networks should be encrypted, secured, and hidden.

In order to safely hide your network, you should set up a router. This ensures your SSID is not broadcast.

  1. Designing computer-based systems that meet security needs

All systems in an organization should meet the basic cybersecurity requirements. They should be safe from unauthorized access and have the ability to send alerts when suspicious activity is detected

  1. Analyzing systems for risks

Developing and implementing a monitoring strategy ensures that any potential breaches are detected early. The strategy should combine technical and transactional risk analysis

  1. Developing cybersecurity policies that are relevant and sufficient for organizational needs

Conclusion

To Top

Pin It on Pinterest

Share This