Companies devote a lot of attention and resources—as they should—toward protecting the business and its assets from a constant barrage of external cyber threats. But in doing so, they sometimes overlook or underestimate the severity of another critical threat known to be the root cause for some of the largest data breaches on record: the insider.
Not all insiders responsible for data loss or compromise are malicious in their intent, driven by greed or the desire to wreak havoc as a saboteur. Many insiders are employees who simply make data security missteps that lead to costly and reputation-damaging data leaks for their organisation. They send a file with confidential information to the wrong recipient, for example. Or, they fall for a well-crafted phishing scam and end up giving their account credentials to an attacker.
Malicious, negligent and compromised employees aren’t the only ones who create data loss risk for organisations. Outside contractors, third party vendors and supply chain partners, who have legitimate access to sensitive data and critical systems can also be potential threats. These parties are sometimes responsible for an “operator error”—like a misconfigured cloud server or storage bucket—that ends up exposing millions of sensitive files, such as those containing the personally identifiable information (PII) of a company’s customers or employees.
People are responsible for some of the largest data breaches seen during this year and last year. And, in a new report, The Data Breach Is Coming from Inside the House, Proofpoint examines recent data leaks from 2021 and 2020 that likely could have been prevented if organisations had taken a people-centric approach to data loss prevention (DLP) and insider risk.
An examination of five recent data breach incidents
“Insider risk should be a major focus of every digital-driven business.” That’s just one recommendation outlined in the new report from Proofpoint, which also explains how the lack of adequate visibility in today’s distributed, cloud-first work environments is creating consternation for IT departments trying to manage insider threats and prevent people-caused data loss.
Our report centres on five noteworthy data leaks from 2021 and 2020, including a few of the largest data breaches reported. These real-life events include the following:
- An incident involving a travel booking platform provider that led to 10 million records being exposed, lost, compromised or stolen—including files that contained the full names, email addresses, national ID numbers and credit card information of hotel guests. The reason for the breach? Cloud storage misconfiguration by an employee.
- The unauthorised, online posting of 5 gigabytes of internal data belonging to one of the web’s top technology and entertainment websites—and a trusted source for the news. The incident led to 1.4 million records being compromised, including those that contained the PII of staff, users and subscribers. The cause of this exposure? Misuse of OAuth access.
- A data leak that exposed 7.4 billion user records of the reporters, staff and subscribers of the oldest daily newspaper in France. What led to this data loss incident? A misconfigured and unsecured cloud server operated by a vendor.
Following each data breach example analysed in our report are recommendations from Proofpoint to help you prevent similar incidents from impacting your business. These suggestions include using a cloud access security broker (CASB) solution to secure cloud applications, ensuring databases are properly configured, an insider threat management (ITM) solution to detect and respond to insider-led threats and educating users about potential security risks to prevent data loss before an incident occurs.
Learn more about recent data leaks—and how they could’ve been avoided
Be sure to download a free copy of The Data Breach Is Coming from Inside the House from the Proofpoint website to get details on some of the biggest data breaches reported in 2021 and 2020.
Also, check out the ongoing podcast series from Proofpoint, “The Inside Line on Information Protection,” to learn how your organisation can take a modern, people-centric approach to information protection in today’s work-from-anywhere environment, where data is everywhere—and people are the security perimeter. You can access all available episodes here.