Data Breaches In The News - What Happened & How to Protect Yourself

NYC Schools

Over 820,000 NYC Public School students had their data compromised in a recent hack of the school system's networks. New York City's Department of Education stated that they believe the system breach occurred in January of this year; at this time, the online grading and attendance systems were compromised. It is believed that this is when the cyber crooks took what they likely saw as the opportune moment to take some data with them on their way out. This is obviously a controversial hack as it involves personal data for students, but it is also contentiously debated as the school system is blaming the company behind their site maintenance for the breach, stating that they believe that the company lied about the breadth of their cybersecurity abilities. It is currently unknown what, if anything, has been done with student data. Unfortunately, when it comes to data breaches, stolen data often either ends up being held for ransom or being sold on the dark web to other malicious actors. Hopefully neither of these options becomes reality for this particular situation.

Cash App

Whereas the NYC Public Schools breach was due to (in the school system's eyes) the poor security standards and capabilities of an outsourced company, the Cash App breach uncovered earlier this month was caused by a former employee. This previous Cash App worker accessed US customer data including users' full names, brokerage account numbers, and stock trading activity on December 10th, 2021, but it was made public on April 4th when a filing was submitted to the SEC. The employee reportedly had access to the now compromised reports when they were employed with Cash App, however, in this case, they were accessed by said employee without permission after the employee no longer worked for the company. The company declined to state how many customers were impacted in this breach, but have decided to contact approximately 8.2 million current and former customers regarding this incident. The company is launching a further internal investigation to see if any other suspicious activity has been happening to the company's customer data.

HubSpot Crypto Breach

Roughly 30 cryptocurrency companies were affected in a HubSpot data breach. HubSpot is a company which manages the marketing campaigns for over 135,000 customers. Similar to the Cash App breach, this too was caused by a person who worked for HubSpot. In this case, it was a current employee who went rouge and breached specifically the company's cyrptocurrency customers. Multiple players in the crypto realm were impacted including crypto lending platforms, bitcoin companies, and cryptocurrency funds. The vigilante employee has since been fired (obviously) but the actions of this person are long-lasting. Trust that companies have with HubSpot is likely at least fractured, if not broken.

How to Protect Your Company from a Breach

• Vet outsourced companies
• In the first breach, NYC Schools were affected due to the lack of cybersecurity protocols of an outsourced company. According to the school system, they felt that the company they were using misrepresented their abilities and made it appear as though they were more secure than they were. This may or may not be true - regardless, it is still a responsibility of the school system to vet the companies who they are outsourcing pieces of their business to. Do not let this deter you from outsourcing areas of your operations! Using the skills of specialized companies can save you time, money, and give you peace of mind as well. You just have to be sure to research the company thoroughly. Look into the company's cybersecurity mission and see if it aligns with your own. Read or request reviews by other companies and see what they have to say, both positively and negatively, about working with said company. Look for trends in this feedback and make an educated decision about outsourcing. No one solution will work for all businesses, and it may be that a company looks good on paper but ends up not being ideal to continue working with - research, create a plan that is best for you, and be adaptable as needed.
• Train your employees & moderate their access
• Employees - former and current - can be a company's greatest cyber strength, or their biggest vulnerability and threat. We saw the ways in which employees can be a company's downfall in the breaches discussed, but the reverse side of the coin comes when you train employees well on cybersecurity best practices. Trained and dedicated employees will help you to detect vulnerabilities, be aware of what to look for when it comes to attacks like phishing scams (often the entryway for many malicious actors to initiate a data breach), and how to help their peers in times of need. They need from you as their manager or leader a strong, clear cybersecurity message, continuous trainings, and a dedicated individual or team who they can go to with any questions or concerns. The tone of a company culture often begins from the top down, but only works well if the folks who do the daily work feel enabled and encouraged.
• One other factor to consider with employees and cybersecurity is giving them reasonable access for their work to get done, but not more than they need to have. More clearly, give your employees access to all of the data necessary to get their job done and done well, but do not give them needless access to any data which they do not need in order to get their work done. The HubSpot attack was an example of an attack where the employee account used to carry out the attack had too many privileges for the work needed to be done - had the employee account been denied access to unnecessary data, it is possible that the breach would not have been so impactful to the company's customers.
• Additionally, be sure to completely revoke an employee's access and authorities when they leave the company. Even if they left on good terms, their access was only needed when employed and leaving your company's data in a former employee's hands is not a smart or strong cybersecurity tactic.
• Monitor your networks constantly
• Some of these breaches went unnoticed for lengthy periods of time - four months for the Cash App breach! Many other data breaches have even gone undetected for years. To try and catch a breach or any other cybersecurity vulnerabilities or abnormalities, be sure to monitor your networks on a constant basis. Keep systems up-to-date and even consult cyber professionals in your area if there is anything especially unique detected.

Image by rawpixel.com for Freepik.