With global events happening all around us, it’s time to reflect on how the year before us affected the cybersecurity world, and the lessons we learned during this period. It’s been a very turbulent time in cybersecurity, with the technology sector going through financial turmoil, which in turn caused some critical vulnerabilities to occur.
This is part of a series of articles about Data Breach.
The Biggest Breaches
Some of the biggest breaches involved some of the biggest tech companies! Twitter & WhatsApp are just top-of-the-shelf examples of how even the richest and most powerful organizations constantly have to keep up in order to keep their data safe.
Optus Data Breach
It sounds bad when you first learn that a giant telecommunications company suffered a data breach. But it’s only when you learn that no less than 11 million people had their data leaked does it go to the next level.
The hackers accessed all sorts of personal data after which they supposedly contacted all the users with a $1300 offer to keep their data private. Not only that, but those users started becoming a target of recurring phishing attacks. Some journalists reported that the hackers gained access to the data by accessing an unauthenticated API endpoint, although the details of the attack are yet to be published online.
Medibank Data Breach
Another company from The Land Down Under took over the unfortunate headlines in the twilight of this year as Medibank suffered a huge cybersecurity breach. To be more specific, an anonymous hacker collected 9.7 million records of Medibank’s customers.
After the company refused to give in to hackers’ requests, the cybercriminals dumped more than 5GB of compressed data online. All the analysis indicates that the data dump, indeed, contains the Medibank customer information.
DoorDash Data Breach
The summer of ‘22 won’t be remembered as a particularly happy one for DoorDash users. Perhaps the biggest food delivery company suffered an enormous leak where almost 5 million of their users had their data stolen.
What’s really interesting is that the attack happened via a very sophisticated phishing campaign, ultimately causing big damage to DoorDash in terms of customer trust.
Luckily, hackers only accessed some credit card data from a smaller group of people, but even in those cases, it was mostly the last four digits of their card number – still a big risk, but not as threatening as some other data leaks out there.
Security Starts at Your Own Home
When talking about big security breaches, a lot of companies focus their defense mechanisms solely on technical details. They make sure that the system they’re using is impenetrable. However, there’s a big gap that often occurs, resulting in some of the biggest data leaks – and it’s human error.
Making sure that your employees are the first line of defense is crucial in maintaining safe environment, protected from outside breaches. This means constant education of your employees, enrolling and encouraging them to take up security courses, and raising the overall level of cybersecurity awareness in your company.
Creating a safe environment isn’t, and never has been an individual effort of a few people specialized in cybersecurity. It’s always about the whole group that has to stay organized and aware of all the outside threats in order to make sure that costly slip-ups don’t happen. Ultimately, the chain is as strong as its weakest link, and that theory perfectly applies to cybersecurity.
From all the lessons we’ve learned in 2022, it’s time for all of us to take action, broaden our knowledge, and work on our cybersecurity awareness. These are the steps necessary in going to the next level and raising our security levels online.