A data leak is when sensitive data is accidentally exposed physically, on the Internet or any other form including lost hard drives or laptops.
When sensitive data is posted on the dark web following a cyberattack, these events are also classified as data leaks as they help expedite data breaches.
The terms data breach and data leak are often used interchangeably, but that’s incorrect as they’re two separate categories of data compromise.
- A data breach is when sensitive data is accessed and compromised in a successful attack.
- A data leak is the exposure of sensitive data that could be used to make future data breaches happen faster. For example, stolen data posted in ransomware blogs are classified as data leaks as they could be used to compromise IT networks with less effort. Poor data security practices, such as software misconfigurations, also cause data leaks.
How Can Data Leaks Be Exploited?
Four common ways that data leaks are exploited are:
- Social engineering: The most effective social engineering operations are known as phishing attacks. This is when a cyber criminals sends a targeted fake email based on known information to better impersonate an authority figure or executive. Information exposed in data leaks, especially psychographic and behavioural data, are exactly the type of data needed to sharpen social engineering attacks and give cyber criminals the ability to use information against a target they usually wouldn’t know.
- Doxxing: Personally identifiable information (PII) can be used for more than credit card fraud. Doxxing is a practice of acquiring and publishing a person’s information against their will. Doxxing is performed for a variety of reasons. In cases of political extremism, vendettas, harassment or stalking, exposed PII can cause real harm to people.
- Surveillance and Intelligence: Psychographic data has many uses. Its very purpose is to predict and shape opinions. Political campaigns use it to win votes and businesses use it to win customers.
- Disruption: Data leaks can be used to slow or stop business operations can exposed sensitive information to the public. Information exposed in a data leak can have drastic consequences for government, businesses and individuals.
How Can Data Leaks Be Prevented?
The four common ways to prevent data breaches are as follows:
- Automate Personally Identifiable Information Scanning: Many cloud providers, such as Microsoft have tools built into their document management systems that scan documents being downloaded or shared for Personally Identifiable information and either notify users, or block users from downloading or sharing these documents. Configuring and enabling these tools will stop accidental sharing or download of sensitive information automatically.
- Validate Cloud Storage Configurations: As cloud storage becomes more common, the amount of data that is being moved in and out of cloud storage is increasing exponentially. Without proper process, sensitive data can be exposed in an unsecured bucket. This is why cloud storage configurations must be validated at deployment and during their time hosting sensitive data. Continuous validations minimize the cybersecurity risk that data will be exposed and can even proactively notify you if public access occurs.
- Automate Process Controls: At a large enough scale, validation becomes difficult to police. Computers are far better at maintaining uniformity than people. Automated process controls should act as executable documentation that ensure all cloud storage is secured and stays secure.
- Monitor Third-Party Risk: Your vendors can expose your information as easily as you can. Even if you don’t expose your customer’s data, you will still be held accountable for the data leak in the eyes of your customers and often your regulators. This makes assessing third-party risk, fourth-party risk and cyber security risk assessments as important as in-house cyber security and information risk management.
If you want to know more about data leaks and how to protect against them, contact us at Netier today.