Data, as the saying goes, is the new oil. It’s a reference to the fact that, just like oil, data is an incredibly valuable commodity. Data powers some of the world’s biggest tech giants and the user experiences they offer. More data than ever is gathered about individuals, whether it’s the links we click on, the searches we make and products we buy, our precise location and movement patterns, and more.
Due to the uptick in e-commerce and online transactions, many companies also possess copious amounts of Personally Identifiable Information (PII) about their customers, such as names, contact details, Social Security numbers, passport information, healthcare history, bank information, and myriad other details. Users are typically happy to grant this information to companies because they trust that it will be kept safe.
Unfortunately, that’s not always the case. Data can be exposed in a data breach, meaning that confidential or sensitive information is released to an untrusted environment. A data breach may be extremely damaging to both users or customers (especially in the event of identity theft, in which stolen data is used to impersonate a user, typically for financial gain) as well as to organizations.
In some cases this damage might be reputational. It could also be disruptive to the operations of a business. In other situations, when the breach results in protected data being exfiltrated by bad actors, it could be accompanied by demands for payment, such as is the case with newer “double jeopardy” ransomware attacks. In still other cases, there may be other financial penalties, when governments or other regulatory bodies determine that there has not been adequate protection for user data.
The British Airways data breach
While organizations are hyper-aware of the threat of data breaches and the risks they pose, there continue to be incidents in which large quantities of sensitive data is breached. In July 2021, British Airways settled a case relating to a 2018 data breach, in which 16,000 individuals filed a lawsuit after a large-scale breach exposed names, addresses, and payment card details.
A total of 420,000 people were impacted by the breach, including both customers and airline staff. In the end, British Airways was fined 20 million British pounds ($27.5 million) for its “unacceptable” failure to properly protect customers. Although this amount was significant, it was considerably less than the 183 million pounds ($252.5 million) originally threatened. Nonetheless, it was a large enough sum that it serves as a reminder of how damaging data breaches can be — and frequently are.
Data breaches may be caused by multiple factors. One is insider leaks, such as disgruntled employees seeking revenge deciding to exploit their access to sensitive systems in order to leak data. Another is caused by accidental exposure of data — for instance, information being saved to non-secure locations or an internal server being mistakenly exposed to the internet. Still others are the result of malicious attackers purposely attempting to exfiltrate data.
In the case of a malicious breach by cyber attackers, there are typically four stages involved. In the reconnaissance stage, attackers identify possible targets. They then breach the target’s security perimeter to gain access to the network. After this, they will sometimes have to move laterally and escalate their privilege level to gain access to the data they’re seeking. Finally, they enter the exfiltration stage in which they are able to transfer sensitive data from the target’s network to the location of their choice, after which it could be sold, used to extort its rightful owner, or otherwise exploited for personal gain.
Defend against data breaches
It is essential that any modern organization defends itself to the utmost against the threat of a data breach. Many breaches take months to be discovered, by which point there is little that victims can do to adequately protect themselves and their customers. The best response is, of course, not to be the victim of a data breach at all. Part of this involves training and awareness of human staff to protect against social engineering attacks or other accidental causes of breaches. Carrying out vulnerability assessments of systems to find weaknesses is also essential.
Fortunately, when it comes to data breaches, modern cybersecurity tools can help. For instance, Web Application Firewalls (WAFs) can assist in protecting against web application security threats like Cross-Site Scripting (XSS), SQL injection, remote file inclusion (RFI), and more.
Data breaches aren’t going away. As more and more of our vital data is digitized and stored online with a growing number of companies, the threat profile only becomes more notable. However, by selecting the right tools — and the right company to provide those tools — it’s possible for organizations to safeguard against being a victim of data breaches.