Data leaks occur whenever a user or organization has their sensitive information exposed, putting the security and privacy of companies and people at risk. Know more!

The Data Breach Investigation Report 2022, conducted by the Ponemon Institute, provides an overview of data breaches occurring in 2022 in 17 countries and regions and 17 different industries.

To produce it, more than 3,600 people from companies that suffered leaks were interviewed, which made it possible to gather some relevant information.

According to the study, 83% of companies surveyed had more than one data breach. In addition, 60% of leaks resulted in higher prices being passed on to customers and the average cost of one of these events was US$4.35 million.

In this article, we are going to talk more about data breach and address its main causes. To facilitate your reading, we have divided our text into the following topics:

1. What is a data breach

2. What are the 5 common causes of data breach

3. Examples of data breach

4. What are some common types of violations

5. How to prevent data leakage

6. About senhasegura

7. Conclusion

Enjoy your reading!

1. What is a data breach

A data breach happens when a person or organization has their confidential information exposed due to security breaches, creating risks for the companies and people affected.

When this occurs, the organization needs to notify the control authority soon after learning of the occurrence, in the shortest possible time, in addition to the people who had their data compromised.

If the company is a subcontractor, it is also necessary to notify the person responsible for processing this information.

2. What are the 5 common causes of data breach

The main causes of data leaks are:

• Insider threats due to misuse of privileged access

• Weak and stolen passwords

• Malware

• Social engineering

• Exploitation of software vulnerabilities

Learn more about each of them:

• Insider threats due to misuse of privileged access

Within an organization, employees have privileged access to sensitive data and may misuse these permissions, intentionally or unintentionally.

This can happen in a variety of ways and for a variety of reasons, whether it’s selling information on the dark web, sabotage due to dissatisfaction at work, or simply losing a device with access, such as laptops.

Therefore, it is advisable for companies to adopt the Principle of Least Privilege, according to which each user has only the necessary access to perform their functions. In this way, in the event of a leak, damage to the IT environment is limited.

• Weak and stolen passwords

One of the main causes of data leaks is the use of weak or reused passwords, which facilitate credential theft.

The use of weak passwords occurs because many people rely on predictable patterns like ?123456?. The reuse of passwords is a practice adopted due to the difficulty in memorizing a large number of complex accesses.

As a solution, we recommend the password manager, which allows you to store all your passwords, requiring the use of a single set of credentials to access them.

• Malware

Malware is malicious software used by cybercriminals to exploit one or more potentially connected systems.

There are several types. One of them is ransomware used to encrypt data or block a computer’s resources and demand a ransom payment in exchange for releasing that machine or system.

To avoid malware infection, it is important to be careful when accessing suspicious websites or opening emails.

• Social engineering

Social engineering is also among the leading causes of data leaks. In this type of attack, malicious actors manipulate their victims into sharing confidential information or taking actions on their behalf.

A tip to avoid attacks of this nature is to always be suspicious of promises that seem too good to be true.

• Exploitation of software vulnerabilities

Malicious actors can exploit software vulnerabilities in a number of ways. As such, it is important that exploits are found and addressed by the organization before they are identified by hackers.

When a vulnerability is fixed, the software provider releases an update patch that must be applied by the company. This must be done immediately in order to avoid exposure to the threat.

3. Examples of data breach

Below are examples of the main causes of data breaches:

Major data breach caused by misuse of privileged access

Recently, there was a privilege leak at Uber, allegedly caused by the misuse of permissions. The attacker is believed to have purchased the password from an Uber professional on the dark web after his personal device was infected with malware, exposing his data.

The contractor would have received two-factor login approval requests and granted access to the hacker.

This social engineering technique is known as an MFA fatigue attack and consists of bombarding users’ authentication application with notifications to get them to accept and allow access to their accounts and devices.

Massive data breach caused by the use of weak and stolen passwords

A single stolen password prompted a hack attack against U.S. pipeline operator Colonial Pipeline in May 2020.

It is believed that this was possible because the corporation used an old virtual private network (VPN) system that did not have Multiple Authentication Factor, requiring only a password to access its resources.

Massive Data Breach Caused by Malware

New Mexico’s largest county was the target of a ransomware attack in early 2022, which left several government offices and county departments offline.

This attack disabled the security cameras and automatic doors at the Metropolitan Detention Center and due to failures in the electronic locking system, inmates had to be confined to their cells.

Massive data breach driven by social engineering

Between 2009 and 2011, American tabloids were reported to have hired hackers to find out news about their targets, who ranged from movie stars to ordinary citizens, by intruding on their cellphone voicemail.

For this, various social engineering techniques were used, including the pretexting scam, which refers to lies invented by cybercriminals to request information from users.

Major data breach caused by exploiting software vulnerabilities

In this topic, we did not bring an occurrence, but one of the great examples of software vulnerability that can generate data breach: Log4Shell.

Log4j is a computer program developed and used to record activities that occur in various systems, including errors and routine operations. Log4Shell happens when using a certain feature in Log4j, which makes it possible to define a custom code to format a log message.

Through this feature, it is possible to register the username, related to the attempts to login to the server, and its real name, if a separate server has a directory that associates usernames and real names.

Thus, Log4j ends up allowing malicious attackers to send software code that can perform all kinds of actions on the victim’s computer, opening loopholes for numerous threats, including data breaches.

4. What are some common types of violations

Companies of all sizes and segments are vulnerable to hacker attacks and data breaches. Check out the most common types of leaks below:

• Ransomware attack

Ransomware is a type of malicious software used to encrypt data and block systems, demanding a ransom payment to return access to these resources. Another possible purpose of ransomware is to destroy files stored on devices and networks.

Among the strategies most used by hackers who spread ransomware or other types of malware, sending emails with malicious files and links stands out.

• Theft or loss of devices

The loss or theft of an employee’s mobile device jeopardizes an organization’s cybersecurity by making it possible for sensitive data to be breached. After all, when this occurs, there are great possibilities of unauthorized access to the content stored on the devices.

In the case of public figures, the concern becomes even greater, as the damage can be magnified.

• Hacking

Hacking is a practice that aims to compromise devices to entire networks through malicious software.

Infiltration usually begins with the launch of a phishing that seeks to attract the victim. After clicking on the link, the user downloads a piece of malware that starts to record all the data made available by him.

This information makes it possible for hackers to clone credit cards, steal bank accounts and break into corporate servers.

• Improper sharing

Generated by human error or malicious action, improperly sharing privileged data can put an organization at risk. After all, with these contents, unauthorized persons have access to confidential or strategic information.

5. How to prevent data leakage

Some measures can be taken to prevent data leakage. Among them, we can mention:

• Simplify access permissions

We’re not saying here to abandon Privileged Access Management (PAM), which is critical to your company’s security, but to simplify the workflow that generates each user’s access levels.

This is necessary because complex access permission workflows make it easy to accidentally grant more privileges than necessary to a user, increasing vulnerabilities in the IT environment.

As such, you should audit each user’s access levels, ensuring that only those who really need to have access to sensitive resources. It is also important to use a good filter to eliminate unnecessary complexities.

• Train your employees

There is no point in investing in state-of-the-art technology if your team is not prepared to deal with the main cyber threats. Therefore, the qualifications of your employees must be part of your company’s safety strategy.

This will certainly help your employees not fall into the traps of malicious attackers.

• Use Multiple Factor Authentication

Multiple Factor Authentication brings together two or more technologies to authenticate a given user, creating an extra layer of protection. In this sense, authentication factors can be something the user knows, such as a code; something they own, such as a token; and something that represents who they are, such as biometrics.

• Encrypt data

Encrypted data, when leaked, is of little use to malicious agents. Therefore, encode your company’s data, preferably with more secure ways, such as AES and PGP encryption.

• Use a password vault

As we mentioned in this article, password vaults or managers allow you to store all the passwords used in your company. This way, you only need to memorize a single credential to gain access to all of them, which eliminates the need to choose weak, easy-to-remember passwords or reuse passwords.

• Use a data leak detection tool

In addition to avoiding data exposure, it is essential to have a way to detect potential leaks through a specific solution. In practice, these tools scan the surface and dark web to identify data leaks in hackers’ interactions.

However, you need to be aware that leak detection tools often discover false positives, which should be ignored.

6. About senhasegura

We are senhasegura and are part of MT4 Tecnologia, a group of companies specialized in digital security, founded in 2001 and active in more than 50 countries.

Our purpose is to offer our public digital sovereignty and cybersecurity, granting control of privileged actions and data and preventing breaches and information leaks.

For this reason, we follow the lifecycle of privileged access management by automating machines, before, during and after access.

We are also committed to:

• Avoid downtime, which could harm their productivity

• Offer advanced PAM solutions

• Automatically audit privileged changes to identify privilege abuses

• Automatically audit privilege usage

• Reduce cyber threats

• Bring organizations into compliance with audit criteria and standards such as HIPAA, PCI DSS, ISO 27001 and Sarbanes-Oxley

7. Conclusion

In this article, we explored common causes of data breaches and share a wealth of information about these leaks. If you found our content relevant, please share it with someone.