In 2023, the migration to the cloud, the rise of artificial intelligence (AI), and machine learning have greatly increased the use, spread, and storage of data in the cloud. This has led to an increased focus on data as a standalone security priority. However, attackers have not been far behind in their efforts to exploit these vulnerabilities, leading to a number of high-impact data breaches.
One such breach occurred in May 2023 when a ransomware group known as CL0P (TA505) exploited a zero-day exploit in MOVEit, a managed file transfer software. The attack resulted in the exposure of over 62 million individuals’ records and impacted more than 2,000 organizations, with a total cost of $10 billion in damages. This breach highlighted the widespread damage that can result from a flaw in a single piece of software, affecting governments, industries, and individuals around the world.
In October 2023, a threat actor known as ‘pwn0001’ brokered access to identification and passport details of 81.5 million citizens of India, extracted from the Indian Council of Medical Research (ICMR)’s COVID-19 databases. This breach is considered the most significant data breach in India’s history and underscores the vulnerability of large and strategic databases when not properly secured.
Another high-impact breach occurred at genetics testing company 23andMe, where 9 million user accounts were compromised, with over 5.5 million customer records scraped and leaked. This breach highlighted the risks associated with highly sensitive databases and the need for robust data security measures to prevent unauthorized access.
The key insights from these breaches emphasize the importance of accountability and rebuilding trust with customers. Organizations must understand the inevitability of attacks and their role in preventing damage and disruption. With the increasing use of generative AI tools and the rising number of identity-based breaches using techniques such as credential stuffing, organizations must prioritize data security planning to protect sensitive information.
To mitigate these risks, organizations are advised to take accountability for their sensitive data and react quickly to reduce its risk by eliminating unnecessary data, implementing encryption, and managing access permissions. Additionally, organizations should embrace both “left-of-boom” (pre-attack) and “right-of-boom” (post-attack) responsibility to effectively react and reduce the impact of data breaches.
Ultimately, complete discovery of sensitive data, wherever it resides within the organization, is crucial for reducing risk and controlling data sprawl. With the continued evolution and adoption of new technologies, including AI and machine learning, the importance of data security planning and implementation will continue to be a critical priority for organizations in 2024 and beyond.