Data theft occurs when information is obtained illegally from an organization. There are many ways to steal it, and it may be used for various reasons, such as for financial gain, sabotaging business operations or causing reputational harm. The motivation to steal personal data is high because there is a huge market for work email addresses, credit card information etc. Here are some common types of data theft and how you can protect your organization against the risks.
Internal and external data theft
Insiders or outsiders can steal data. Malicious employees may attempt to steal sensitive data stored via email, USBs etc. Employees can also be negligent or careless and fall prey to phishing tricks or leave a critical server unsecured.
Cybercriminals are always looking for vulnerabilities they can exploit, such as the use of obsolete data protection standards, misconfigured cloud storage or unpatched system vulnerabilities. They will launch ransomware attacks or man-in-the-middle attacks to infiltrate an organization’s network.
Customer relationship management platforms like Salesforce can save an organization millions, but its clouds and modules allow access to external suppliers, contractors, customers, and partners. Many external users make the platform more vulnerable to data theft. Proper protection for Salesforce involves using an advanced threat protection solution to protect against all Salesforce content-borne threats.
Data theft examples
- In March 2020, Cam4, a popular live-streaming adult platform, was made vulnerable when one of the website’s production databases was left open to the internet on a misconfigured Elasticsearch cluster. This resulted in 10.88 billion records being stolen.
- In June 2021, LinkedIn had 700 million records stolen when a hacker scraped data by exploiting its API. The hacker put the data up for sale on the dark web.
- In July 2022, American airlines suffered a breach as a result of a phishing attack. Fortunately, only 1,708 customers and employees had data exposed in the incident.
- In July 2022, Marriott International confirmed that hackers had stolen 20 gigs of sensitive data. The breach was apparently the result of a social engineering attack where an employee was tricked into granting access.
- In August 2022, Group-IB, a cybersecurity company, released a report about a phishing campaign. It lasted for months and compromised about 130 companies, including Doordash, MailChimp, Twilio and Cloudflare. Attackers imitated the authentication service, Okta. Via text message, they directed targets to a fake authentication page where victims would enter their login credentials. This gave attackers access to their accounts.
- On August 10th, Cisco shared a report on a breach that occurred to their network in May 2022. The attackers used compromised employee credentials, MFA fatigue attacks, and vishing to gain access to the Cisco VPN.
The consequences of data theft
Data theft can cause financial, operational, and reputational damage.
- In many cases, data theft exposes an organization’s non-compliance with data security mandates. Data protection agencies can penalize non-compliance with heavy fines.
- Consumers tend to lose trust in organizations that suffer data breaches. It can take years for them to recover their brand reputation.
- Most organizations have to do plenty of damage control if data is stolen. Routine operations are often brought to a standstill to analyze the damage. The loss of productivity can result in huge financial losses.
- An in-depth forensic investigation is necessary to find the origin of a breach and assess its impact.
Ways to protect your organization
There are many different ways to protect your organization, but none of them are foolproof. The following security best practices can help to reduce the risks of data theft.
- Locate and map your sensitive data. Organizations need to find out what sensitive data they possess so they know what is worth protecting. Using tools to discover and classify data helps to streamline the process and map out sensitive information.
- Use an access management solution: This can limit who has access to what information. You can make sure employees only have access to sensitive information if they need it to do their jobs. This can reduce the risks of it being handled improperly or becoming compromised. In the event of a data breach, it also becomes easier to determine where the breakdown in security happened.
- Train employees: Employees need to understand why it’s so important to use strict security protocols and what the consequences could be of not using them. For example, they need to be very clear about the need to exercise caution and check out a link before clicking it. Checking the email address is also important because it could differ from a legitimate address by one number or other small changes.
- Check third-party security and compliance: If you share data with any third parties who have access to the area of your network where data is stored, you need to ensure they are operating securely.
- Implement a next-generation firewall: Firewalls dictate the traffic that passes through them. However, they can be circumvented by hackers. Next-gen firewalls provide more comprehensive application control and visibility. They provide capabilities beyond a traditional firewall.
- Use strict endpoint security measures: with strict endpoint security measures to control device usage, there is less chance of data theft. Using unsecured mobile devices, employee routers, or any other unprotected access points can affect even the strongest networks.
- Perform routine penetration testing: It is important to keep assessing and testing systems and software for vulnerabilities.
- Use a video surveillance system: A video surveillance system can help to prevent the theft of physical devices that may contain sensitive information.
There is no way to guarantee that your organization will never experience data theft, but you can take various measures to reduce the risks. As employees are often the weak link in a chain of security, you need to make sure they understand the consequences of data theft and are aware of the methods attackers use. No individual solution can stop data theft, but layering multiple security solutions can protect your data and reduce the risks and impact of data breaches.