Equifax, one of the three major organizations that calculate credit scores in the US and also present in Canada and the UK, has access to an extraordinary amount of personal and financial data on nearly every American adult. Despite that, it did not manage to protect that data from leaking.
Between May and July this year, hackers got their hands on names, Social Security numbers, birth dates, addresses, some driver’s license numbers and about 209,000 credit card numbers. Dispute documents with personal identifying information for about 182,000 people and personal information of people in the UK and Canada fell into their hands, too.
With so much personal information, the attackers can easily apply for fraudulent loans, open bank accounts or credit cards, make scams feel more convincing, and more.
What may lie ahead?
The quantity and quality of the leaked data and the scale of the breach should alert companies to what may lie ahead.
The number of security breaches organizations have seen in recent years is rising. To give an idea of the severity of hacks, Bloomberg created a quick guide to the worst corporate hacks. In these cases, hackers were looking for credit card numbers, internal documents, login credentials, and email addresses so they could use those addresses to initiate other attacks. Companies like Sony, Anthem, and even eBay were breached. This shows how hungry hackers are for information and how good they are at what they do.
Hacks will only grow more sophisticated and prevalent. As our world continues to migrate to digital spaces, our data becomes more valuable — and more at risk — than ever.
The next attack can be expected to be much more sophisticated and widespread. So, protecting against the inevitable should be a top priority for businesses across the world.
And these security risks are not limited to Equifax and companies like it. Every company is a target.
How we can prevent further such breaches
Alex Hamerstone, a penetration tester and compliance expert at the IT security company TrustedSec, says:
“Nothing works 100 percent or even close to it, but a lot of things work to a degree and when you start to layer them on top of each other and start doing basic things you’re going to get stronger security.”
As the physical network is the entry point for every breach, organizations should start by segmenting their networks, which means splitting them into many “sub networks” known as segments. This approach allows them to group applications and similar data together and to grant access to each group only to a specific sector of the organization. This limits the range of access provided to an insider, partner, or third party.
This way, organizations can enhance network security by allowing or denying network access to sensitive data.
So, when attackers get into the organization’s network, they are locked into one part of it. They can’t gain access beyond that segment, and the data elsewhere stays untouched.
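The segmentation described above can be expressed as a default-deny policy between segments. The sketch below is an added example, not part of the original article; the segment names, address ranges, ports and flow records are constructed for illustration.

```python
import ipaddress

# Constructed segments: names and address ranges are assumptions for illustration.
SEGMENTS = {
    "workstations": ipaddress.ip_network("10.10.0.0/16"),
    "app-servers": ipaddress.ip_network("10.20.0.0/24"),
    "customer-db": ipaddress.ip_network("10.30.0.0/24"),
    "partner-dmz": ipaddress.ip_network("10.40.0.0/24"),
}

# Default deny: only (source segment, destination segment, port) listed here pass.
ALLOWED = {
    ("workstations", "app-servers", 443),
    ("app-servers", "customer-db", 5432),
    ("partner-dmz", "app-servers", 443),
}

def segment_of(addr):
    """Return the name of the segment containing addr, or None if unknown."""
    ip = ipaddress.ip_address(addr)
    return next((name for name, net in SEGMENTS.items() if ip in net), None)

def is_allowed(src, dst, port):
    """Decide a flow: traffic inside one segment passes, cross-segment needs a rule."""
    s, d = segment_of(src), segment_of(dst)
    if s is None or d is None:
        return False  # unknown hosts are denied rather than trusted
    if s == d:
        return True
    return (s, d, port) in ALLOWED

def denied_flows(flows):
    """Return the flows the policy blocks; these are the ones worth alerting on."""
    return [f for f in flows if not is_allowed(*f)]

# Constructed flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.10.4.17", "10.20.0.5", 443),   # workstation -> app server: allowed
    ("10.20.0.5", "10.30.0.9", 5432),   # app server -> database: allowed
    ("10.10.4.17", "10.30.0.9", 5432),  # workstation straight to database: denied
    ("10.40.0.3", "10.30.0.9", 5432),   # partner straight to database: denied
    ("192.0.2.50", "10.20.0.5", 443),   # source outside every segment: denied
]

if __name__ == "__main__":
    for flow in denied_flows(SAMPLE_FLOWS):
        print("blocked:", flow)
```

Traffic inside a single segment still passes in this model, so the segment that holds sensitive data should contain as few hosts as possible.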
A username and password may be easy to hack, but adding another layer of security, like multi-factor authentication, can make any breach harder to carry out. Beyond that, behavioral biometrics – a new technology that can dynamically identify a person by how they do things – can deliver added value. That’s because, while it’s easy to hack a username or password, it’s impossible to mimic behavior.
This kind of authentication can be used to catch and stop possible attacks, because the analytics engine automatically recognizes the sudden transition from the right person on the device to the wrong person and immediately prevents access.
Organizations have to implement robust data encryption, so even if attackers access information they can’t do anything with it:
- Full-disk encryption – To make sure all data in the organization is stored securely. As companies have worked to secure their systems, hackers have gotten smarter. If encryption doesn’t protect the data, a hacker can find a backdoor and use it to gain access to personal and financial information.
- Encrypted email – Email is the easiest doorway for hackers to walk through. Email encryption reduces the risk that extremely important personal information is going to be compromised or stolen. This is because the information contained within the email is obscured from the view of anyone other than the sender and receiver.
Review of Apps used
Companies should keep only the apps they use, so that they know which ones have access to their data. Every app that is not being used in the network should be removed, so that it no longer stores or accesses sensitive data.
This applies not only to apps on employee devices but also to enterprise apps available via enterprise app stores. The apps should be reviewed and data encryption should be required, so that data is transferred and stored securely.
Legislation and regulation
Legislation and regulation may also help create more clearly defined repercussions for consumer data loss that motivate organizations to prioritize data security.
“The only good way for these things to be stopped is for the giant organizations holding this information to be better regulated,” says Jessy Irwin, a cyber security consultant.
The collection of data should be regulated, too. Companies regularly collect data simply because they might want to use it sometime in the future. So, there have to be laws that force them to collect only the bare minimum of data necessary. What is more, there should be limits on how long a company can store data, requirements to encrypt anything they collect, and regular security audits.
Secure Swiss Data was established to keep your communications encrypted
Secure Swiss Data has what every organization needs to protect their communications. The encrypted email and data service can help companies ensure everything that is important to them and their clients is protected. When combined with these other computer security tips, companies can make their infrastructure a very hard egg for a hacker to crack.
Secure Swiss Data, with its fully encrypted email and data services, encrypts your data starting on your side, then keeps it encrypted on your/our servers and sends it encrypted to the end recipient, so there is no possibility of your private or corporate data being exposed.
The information we store on our servers is always protected with encryption, and even we can’t read it.