What Is a Data Leak

Practically every day brings its share of personal data losses, whether it's credit card numbers, account numbers or personally identifiable information (PII) such as name, address, phone number, social insurance number and so on. For almost every aspect of our lives, information exists somewhere. When that information is lost or stolen, the people affected can have their private information exposed or misused, and they won't hesitate to blame the company responsible.

These data losses can happen in many ways; however, the terms used to describe them are often used interchangeably. Whether we talk about an attack, a breach, a hack or a leak, each term brings its own nuances to this vast universe that is the loss of confidential data.

  • Attack: An attack is a deliberate, targeted action intended to cause damage or losses using technical or social means. Attacks don't necessarily lead to data loss. For example, a distributed denial-of-service (DDoS) attack aims to disrupt normal operations.
  • Breach: An attack that has successfully retrieved sensitive or confidential data.
  • Hack: An attack that exploits technical flaws to access sensitive information that would normally be off-limits. A hack can lead to a breach, but it can also be used to insert malware such as a botnet, ransomware or cryptomining.
  • Leak: A leak doesn't necessarily require an outside force. It can be due to poor security or the inaction of the data's owner.

There is, however, always something in common: someone has to know that the unprotected resource exists, whether it's a web server with the default password or a storage site with no protection. Security through obscurity (STO) isn't really secure. After all, would you leave your house unlocked because the odds of a thief stumbling onto your unlocked home are slim?

What is a cloud data loss

A cloud data loss is when personal information belonging to customers or a company is exposed to the internet. The cloud is part of the internet. Cloud service providers, such as Microsoft Azure and Amazon Web Services (AWS), offer storage space and resources to their clients so they can perform operations on their data. This data is sometimes entrusted, unencrypted, to third-party companies that analyze it.

It's important to emphasize that, by default, storage spaces, both at Amazon and Microsoft, are private. It really takes a deliberate action to make the data accessible to the internet. Once that action is taken, the boundary between the cloud and the internet evaporates. The data is now as accessible as google.com.
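An added example, not part of the original article: a simplified Python audit of the deliberate settings that make an S3 bucket public, namely a grant to a public ACL group or a wildcard-principal bucket policy, with Block Public Access taken into account. The inputs follow the shape of the S3 API responses for a bucket's ACL, policy and public access block; the function name `audit_bucket` and all sample data are constructed for illustration, and object-level ACLs are not covered.

```python
import json

# ACL group URIs that S3 treats as "everyone" / "any AWS account holder".
PUBLIC_GROUPS = {"http://acs.amazonaws.com/groups/global/" + g
                 for g in ("AllUsers", "AuthenticatedUsers")}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_wildcard(principal):
    """True for Principal "*" and for {"AWS": "*"}, alone or in a list."""
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return principal == "*"

def audit_bucket(policy_json, grants, block):
    """Return findings describing how a bucket is exposed to the internet."""
    findings = []
    # IgnorePublicAcls makes S3 disregard public grants already on the bucket.
    if not block.get("IgnorePublicAcls", False):
        for g in grants:
            if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS:
                findings.append(f"acl:{g['Permission']}")
    # RestrictPublicBuckets cuts off anonymous access granted by a public policy.
    if policy_json and not block.get("RestrictPublicBuckets", False):
        for st in _as_list(json.loads(policy_json).get("Statement", [])):
            if st.get("Effect") == "Allow" and _is_wildcard(st.get("Principal")):
                # A Condition may narrow the grant, so it is reported for review.
                kind = "policy-conditional" if st.get("Condition") else "policy"
                for action in _as_list(st.get("Action", [])):
                    findings.append(f"{kind}:{action}")
    return findings

# Constructed sample data (not from the article): a bucket someone opened up.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*"}]})
SAMPLE_GRANTS = [{"Grantee": {"Type": "Group",
    "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"}]
FULL_BLOCK = {"BlockPublicAcls": True, "IgnorePublicAcls": True,
              "BlockPublicPolicy": True, "RestrictPublicBuckets": True}

if __name__ == "__main__":
    for block in ({}, FULL_BLOCK):  # without, then with, Block Public Access
        print(audit_bucket(SAMPLE_POLICY, SAMPLE_GRANTS, block))
```

An empty result with every Block Public Access setting enabled is the state the article calls private by default; any finding marks the deliberate change that removed it.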

Whether it's an S3 bucket at Amazon, a file share in Azure or simply a misconfigured server, the lack of any guarantee that the information is secured puts the data itself at risk. Once the mistake is made, it becomes very difficult to prove that the information hasn't been accessed. The question remains: who is trying to access this information?

While there are people who might stumble onto the information out of simple curiosity, most leaks are found either by a security researcher or by a person or group looking to exploit the data for financial gain, power or extortion.

A few examples of data leaks

U.S. Army data:

According to researchers, critical data belonging to the Intelligence and Security Command (INSCOM), a command of the U.S. Army's Department of Defense and the National Security Agency (NSA) responsible for gathering intelligence for American military and political leaders, was made available on the internet to anyone with an internet connection, as were the virtual systems used for classified communications.

Bell Canada customer data:

Nearly 1.9 million names and email addresses were stolen. While this information may seem non-sensitive, it's nonetheless worrying to see such a large amount of data accessed.

Cloud data losses pose a high risk. The simplicity of the mistake contrasts with the magnitude of the potential repercussions. It's critical to have tight governance and auditing of your data, not only on your premises but also in the cloud; otherwise the costs, both financial and in credibility, can quickly turn a good investment into a loss of trust.
