Data is the most valuable commodity in the world and hackers have made it their business to steal it. Whether they steal a database of customer information or intellectual property, the impact can be devastating for businesses. The cost can range from disruptions in the flow of operations to steep fines and lawsuits. It can also expose the company to more severe cyberattacks. In addition, if the leaks lead to the identity theft of individuals, that can result in costly credit card debt and tax fraud.
Often, the root cause of a data leak is human error or software vulnerabilities. Data can unintentionally be exposed outside its intended environment due to improper network configuration, outdated software, unsecured cloud storage or external attacks such as ransomware. In some cases, employees lose or misplace mobile devices such as laptops or USB drives that contain sensitive information.
For example, when cybersecurity company Cognyte left a massive database online for anyone to access, hacker Ashley Thompson exploited the vulnerability and stole more than 5 million records. This included names, addresses, Social Security numbers and dates of birth. This data was then published on GitHub. It was one of the largest collections of personal information ever hacked and made public. It prompted numerous class-action lawsuits against Exactis, which ultimately settled for $190 million.
The other common source of data leaks is internal human error. Employees may use insecure communication channels, phishing techniques, or simply not update their passwords regularly. Over time, these mistakes can compound and result in a large-scale data breach that can affect many customers or consumers.
About the Author
