“Collection #1” Data Breach

By Paul Sullivan, Software Engineer, Bitglass

hacker in hoodie sitting in front of a laptop

News of the 773 million email data breach that Troy Hunt announced for Have I Been Pwned certainly got a lot of coverage a few months ago. Now that the dust has settled, let’s cut through some of the hype and see what this really means for enterprise security.

First, let’s clear some things up – the data itself is actually several years old, but it looks like the seller of the data has more recent material, as well. Also, this data did not come from a specific company, but was a composite of various sources that cybercriminals stitched together. It is unclear what these sources are, but some of them are likely to be breaches that have been widely known for some time. This is demonstrated by the fact that Have I Been Pwned has already seen about 82 percent of the compromised emails in previous breaches.

However, the above could also mean that individual emails have been breached multiple times across different services. Unfortunately, people commonly reuse passwords, which means if a cybercriminal gains access to one password or account, they can potentially gain access to various accounts on different websites.

This is important because this kind of data is used in credential stuffing attacks to automate trying to log in to various services with stolen data. Since passwords are often reused, criminals run all this data against other accounts (Spotify, Netflix, Amazon or other paid subscription accounts), hijack them, and resell them.

Unfortunately, this data is out there now and new breaches are happening all the time. Luckily there are ways both individuals and companies can mitigate the damage. For individuals, using a password manager to create strong unique passwords is definitely a good idea. For companies, password expiration is now arguably a bad idea, but IT teams can monitor services like HIBP and let employees know when to change passwords after a breach. Companies can also cut down on the number of passwords running around by using single sign on (SSO) for their cloud services, and by enabling multi-factor authentication to make it harder for credential stuffing attacks to work. A cloud access security broker (CASB) can also alert IT teams when a strange login occurs so they can take action to protect their data.  

For more information, download the Top CASB Use Cases.

The Many Benefits of a Cloud Access Security Broker

By Will Houcheime, Product Marketing Manager, Bitglass

server hallway leading to blue sky with clouds

Today, organizations are finding that storing and processing their data in the cloud brings countless benefits. However, without the right tools (such as cloud access security brokers (CASBs), they can put themselves at risk. Organizations’ IT departments understand how vital cybersecurity is, but must be equipped with modern tools in order to secure their data. CASBs protect against a wide range of security concerns that enterprises face when migrating to the cloud. Consequently, they have quickly increased in popularity and have become a one-stop-shop for countless enterprise security needs.   

BYOD, SaaS or IaaS

Depending on the industry in which an organization operates, it may need to focus on security for managed devices, or perhaps it might need more of a bring your own device (BYOD) solution. While major SaaS applications improve organizational productivity and flexibility, they can serve as entry points for malicious threats such as malware or be used to share sensitive data with unauthorized parties. In infrastructure-as-a-service platforms, even a simple misconfiguration can cause data leakage and jeopardize an organization’s wellbeing. Without a solution designed to address these modern security concerns, organizations can fall victim to these and other threats.

In recent years, cloud access security brokers have been used to prevent these types of unfortunate scenarios from happening to organizations. Whether it’s securing data on personal devices, limiting external sharing, stopping cloud malware, or other security needs, CASBs have been stepping in and protecting data whether it is in transit or at rest. In our latest white paper, Top CASB Use Cases, we go into detail about how organizations have used cloud access security brokers to embrace both the cloud and BYOD without compromising on security.

For information about how CASBs help secure data, download the Top CASB Use Cases.

Healthcare Breaches and the Rise of Hacking and IT Incidents

By Jacob Serpa, Product Marketing Manager, Bitglass

Healthcare breach report 2019

In the course of their day-to-day operations, healthcare organizations handle an extensive amount of highly sensitive data. From Social Security numbers to medical record numbers and beyond, it is imperative that these personal details are properly secured. 

Each year, Bitglass conducts an analysis and uncovers how well healthcare organizations are protecting their data. In 2019’s report, we detail the state of security in healthcare as well as shed light on recent breach trends in the vertical. Read on to learn more.

Bitglass’ 2019 Healthcare Breach Report analyzes data stored in the Department of Health and Human Services’ “Wall of Shame,” a database wherein details about healthcare breaches are stored. By scrutinizing this data set, Bitglass uncovered information related to the size of healthcare breaches, the causes of healthcare breaches, the states in which these breaches occur, and much more, over the last few years. A snapshot of some of this data is provided below.

The rise of hacking and IT incidents

Over the last few years, the threat landscape has been shifting in healthcare. It used to be that lost and stolen devices were the leading contributor to exposed data. However, each year since 2014, the number of breaches caused by lost and stolen devices has decreased. At the same time, hacking and IT incidents have enabled more and more breaches each year – in 2018, they were the leading cause of breaches in healthcare. 

The decreasing numbers of healthcare breaches

Despite the above, 2018 saw the number of healthcare breaches reach its lowest point in the last few years. Obviously, this is good news. While healthcare firms need to do something to address the growing number of hacking and IT incidents that are exposing their data, the fact that the overall breach number is down still bodes well for the industry’s progress in securing sensitive data. 

To learn more about the above findings as well as other interesting facts and figures, download the full 2019 Healthcare Breach Report.