License Plates, Photos, Passwords and More Stolen in Two Separate Breaches
Data security is still an ongoing struggle for many organizations. The difficulties of securing and protecting data were highlighted this week as two major breaches — affecting a government organization and a gaming site — were reported. The first incident, announced last Monday, affected the data of US Customs and Border Protection (CBP). The breach compromised the information of individuals entering and exiting the United States.
Specifically, the CBP data included license plates and images of travelers in vehicles crossing a single US land border entry over a six-week period. The organization’s initial report puts the number of affected individuals at under 100,000. The CBP also reported that the attack did not compromise the organization’s own systems; the hack targeted a third-party contractor that had copied and transferred the data onto its company network. The CBP made clear that the third party acted against CBP rules in transferring the data, stating that the subcontractor "violated mandatory security and privacy protocols outlined in their contract." The government organization also stated that the image data has not turned up on the dark web or the internet, and that no other identifying information was lost.
Although CBP did not confirm the name of the breached subcontractor, British technology news site The Register reported last month that a large cache of data stolen from the firm Perceptics was accessible on the dark web. Perceptics is a license plate recognition provider that claims to cover US land borders. The Washington Post also noted that the title of the document containing CBP’s public statement, which the Post received via email, included “Perceptics.”
The second breach incident reported this week involved the retro gaming site Emuparadise. The breach itself apparently happened over a year ago, in April 2018, exposing 1.1 million email addresses, IP addresses, user names, and passwords stored as salted MD5 hashes. The gaming site’s vBulletin forum was apparently the source of the breach.
Emuparadise did not report the breach, but it became public after information was provided to HaveIBeenPwned, a site that helps internet users check if they were affected by a data breach. HaveIBeenPwned also noted that 71% of the addresses were already in their database of compromised addresses.
How to prevent or mitigate data breaches
Enterprises are under increasing pressure to protect data. They can face client backlash, severe financial hits, and regulatory compliance fines if they do not properly secure the data they collect. The incidents above demonstrate the many ways an organization can be breached, from careless third-party suppliers to unsecured tools or applications. Other factors can also expose systems to a data breach, including misconfiguration, patch lags, and insecure software or system components.
A proactive approach is needed to bridge security gaps and respond to data breaches — managed detection and response (MDR) can fill these gaps. MDR provides organizations with security capabilities that can help them anticipate and thwart known (or unknown) threats and, in the event of a compromise, remediate the incident faster.
Organizations and users can also implement these best practices for securing data:
- Identify the weak spots in your organization’s security infrastructure, including your supply chain, and implement intrusion prevention measures accordingly.
- Educate all company employees on security policies and contingency plans, including how to identify attack incidents and trends in social engineering, and what to do when they happen.
- Practice network segmentation and data categorization.
- Create strong passwords for all online accounts and change them regularly.
- Monitor accounts for unauthorized access and report any irregularities to the relevant authorities immediately.
- Be aware of different social engineering techniques attackers use to steal online credentials.
- Enable two-factor authentication (2FA) on all online accounts whenever applicable.