Data security is a rising concern worldwide, and the start of 2017 has certainly not allayed those fears.
A month before, this happened:
A Google researcher has uncovered what may be the most worrying web leak of 2017 so far, possibly exposing passwords, private messages and other sensitive data from a vast number of sites, including major services like Uber, FitBit and OKCupid.
Dubbed CloudBleed, this vulnerability is caused by a popular company web company called CloudFlare. The vulnerability is a serious data security issue, and allows unauthorized data access from one website to the other (the article has a better explanation). While it will be fixed, the damage could have already been done.
Not all of them are malicious, human error is a contributor
A few weeks ago, River City Media leaked over a billion emails on account of a faulty backup. This is worrying, considering that the list includes authentic emails, IP addresses, and possibly, some physical addresses as well.
What was more scary, was this:
The breach is so large that when Vickery initially reported that he had access to a leaked dataset containing 1.4bn records, India’s national government issued a statement denying that it was the source – the country’s federal ID system is one of the few databases in the world containing more than a billion individuals, and speculation ran rampant until Vickery released the actual information.
(Glad that this didn’t happen!)
Such is the nature of data security, leaks, vulnerabilities and breaches, that popular media have already made it a recurring feature (like this list curated by Wired).
There may be a perception that such events occur out of malicious intent. However, it is far from the truth. As businesses grow, data security needs to be put at the forefront of any IT activity. Until that happens, I am happy to keep separate passwords for my accounts.
(Incidentally, my favourite password manager app was also compromised.)