Lessons Learned From Data Breaches in 2017

Same Problem, Different Landscape

Reading about data breaches on paper never does the concept justice. Hearing that data breaches in 2017 were – and continue to be – “big problems” for all types of organizations can desensitize us to the true implications of a data breach event. 

The inevitability of data breaches can leave companies feeling defeated, and the monetary losses tied to these security incidents only adds to the damages. Throw in the thought of unhappy complaints from customers or clients about protecting their sensitive information, dealing with the legal consequences and hits to your business’ public reputation – and you’ve got yourself a perfect data breach storm.

The truth is that a data breach will impact more than just the business itself. It affects customers, clients, employees and vendors too. Let’s review some of the data breaches that occurred in 2017, see what we can learn from the mistakes that were made and improve overall data breach prevention and response in the new year. Continue reading

1.4B Credentials Dumped, Dark Web Database Found

From Data Dump to Dark Web Database 

On Dec. 5, 2017, a massive database with data from over 300 data breaches was discovered on the Dark Web. This Dark Web database contains over 1.4 billion unique clear text, or publicly viewable, login credentials, which experts have confirmed are legitimate pairings. 

To make a long story short, 41GB of publicly viewable data was dumped on the Dark Web. From there, the information became accessible via a “Dark Web database,” allowing hackers to search the aggregated data by password type, user, breach event and more. 

Unlike a single data breach event, this database aggregates breached data from hundreds of big-name data breaches like Netflix, LinkedIn, Minecraft and Bitcoin. The database is even more concerning because the information was found in clear text – meaning that anyone with access to it can view it.  Continue reading