The year 2022 saw several high-profile data breaches that exposed millions of individuals and businesses. These breaches highlighted the need for organizations to prioritize and implement robust measures to protect their systems and data from cyber threats.

Here are some lessons we can learn from 2022's biggest data breach stories.

  1. Third-party vendors are a weak link

Third-party vendors are something organizations must rely on to protect critical data. However, as Uber has discovered this year, this comes with significant risk. On December 10, an attacker breached third-party asset management vendor Teqtivity’s internal systems by exploiting vulnerabilities in their AWS backup system and leaked the account information and personal data of around 77,000 Uber employees on a hacker forum. 

Before that, on September 15, a hacker going by the name ‘Tea Pot’ breached Uber’s internal infrastructure and cloud services and then used Uber’s internal Slack to brag about the attack. The attacker got in by ‘MFA bombing’ a contractor, hitting their SMS with login requests until they accepted one, which granted access to Uber’s internal systems.
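The pattern described above, a burst of MFA prompts that ends in an approval, can be flagged from authentication logs. The following is an added example, not part of the original article: the event fields, user names, window, and threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, user, MFA result). Not real log data.
SAMPLE_EVENTS = [
    ("2024-01-10T09:00:00", "contractor-a", "denied"),
    ("2024-01-10T09:01:10", "contractor-a", "timeout"),
    ("2024-01-10T09:02:00", "employee-b", "denied"),     # single mistake
    ("2024-01-10T09:02:05", "contractor-a", "denied"),
    ("2024-01-10T09:02:40", "employee-b", "approved"),
    ("2024-01-10T09:03:30", "contractor-a", "denied"),
    ("2024-01-10T09:04:45", "contractor-a", "timeout"),
    ("2024-01-10T09:05:50", "contractor-a", "denied"),
    ("2024-01-10T09:06:20", "contractor-a", "approved"),  # gives in
    ("2024-01-10T08:00:00", "employee-c", "denied"),      # slow, spread out
    ("2024-01-10T08:30:00", "employee-c", "denied"),
    ("2024-01-10T09:00:00", "employee-c", "denied"),
    ("2024-01-10T09:30:00", "employee-c", "denied"),
    ("2024-01-10T10:00:00", "employee-c", "denied"),
]

WINDOW = timedelta(minutes=10)  # assumed sliding window
THRESHOLD = 5                   # assumed failed prompts per window before alerting


def detect_mfa_fatigue(events, window=WINDOW, threshold=THRESHOLD):
    """Alert on bursts of failed MFA prompts, and escalate when an
    approval arrives while the burst is still inside the window."""
    recent = defaultdict(deque)  # user -> timestamps of recent failed prompts
    alerts = []
    for ts_raw, user, result in sorted(events):
        ts = datetime.fromisoformat(ts_raw)
        failed = recent[user]
        while failed and ts - failed[0] > window:
            failed.popleft()  # drop prompts that fell out of the window
        if result in ("denied", "timeout"):
            failed.append(ts)
            if len(failed) == threshold:  # fire once per burst
                alerts.append({"user": user, "time": ts_raw,
                               "severity": "medium", "reason": "prompt burst"})
        elif result == "approved":
            if len(failed) >= threshold:
                alerts.append({"user": user, "time": ts_raw,
                               "severity": "high", "reason": "approval after burst"})
            failed.clear()  # a successful login resets the burst
    return alerts


if __name__ == "__main__":
    for alert in detect_mfa_fatigue(SAMPLE_EVENTS):
        print(alert)
```

A high-severity alert is the point at which the session should be revoked and the user contacted out of band, since the approval was most likely not intentional.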

Uber isn’t unique here. Third parties are increasingly a weak link in the cyber security chain, with a report by SecureLink showing 51% of companies have now experienced a data breach that exploited security weaknesses within the supply chain.  

Organizations should seek a thorough understanding of their third-party vendors, inside and out. Careful screening, structured onboarding, and regular risk assessments are required to ascertain what systems vendors will access, which data they may hold, and the potential avenues of compromise.

 

  2. The human element continues to be the weakest link

Research by CS Hub revealed that 75% of cyber security researchers see social engineering as the biggest threat. It’s not hard to see why; humans are often the most straightforward way into any organization. You can have all the defenses in the world, but they’re not as helpful if staff can be deceived into letting someone unsavory into the organization’s network.

Dropbox found this out firsthand this year when a hacker accessed the GitHub account of a Dropbox developer who had fallen victim to a phishing email. The attacker was able to access 130 internal code repositories that belonged to Dropbox, though Dropbox insisted they didn’t contain anything related to core applications. However, Dropbox admitted that there may have been some plain text API keys and credentials among the code, including thousands of names and email addresses belonging to Dropbox employees.

Technology conglomerate Cisco has noted that social engineering attacks are getting more complicated and common. Organizations must use procedures like multifactor authentication, strong email security, good password management, and consistent employee training to stay on top of social engineering attacks. 

 

  3. Keep access to the most valuable data strictly limited

Companies today are learning the hard way to limit access to their more critical data. It’s crucial to do this, as not limiting who can view your data could prove extremely harmful to the organization and put staff and customers at risk.  

Pegasus Airlines this year were reminded of the importance of this principle when an AWS cloud storage bucket was left unprotected, resulting in the firm unintentionally putting 23 million files and 6.5 TB worth of data online. The data included information on EFB software, flight charts, navigation and crew material, passwords in plain text, and more. 

Organizations should seek to control access to data throughout the company, whether by ensuring specific roles only have access to certain information or ensuring employees aren’t accidentally or purposefully breaking data management and security policies.

By investing in advanced technology, implementing robust security policies, and educating employees about data protection, you can strengthen your cybersecurity measures.

3 Lessons We Can Learn From 2022’s Biggest Data Breaches

 


Written by Aaron Valentine

Aaron is a recent graduate of the University of Gloucestershire, where he studied cybersecurity. He is a cyber security consultant at Advantio, using his expertise to help clients secure their systems and protect against cyber threats. In his free time, Aaron enjoys traveling and long walks.
