“Collection #1” Data Breach

By Paul Sullivan, Software Engineer, Bitglass

hacker in hoodie sitting in front of a laptop

News of the 773 million email data breach that Troy Hunt announced for Have I Been Pwned certainly got a lot of coverage a few months ago. Now that the dust has settled, let’s cut through some of the hype and see what this really means for enterprise security.

First, let’s clear some things up – the data itself is actually several years old, but it looks like the seller of the data has more recent material, as well. Also, this data did not come from a specific company, but was a composite of various sources that cybercriminals stitched together. It is unclear what these sources are, but some of them are likely to be breaches that have been widely known for some time. This is demonstrated by the fact that Have I Been Pwned has already seen about 82 percent of the compromised emails in previous breaches.

However, the above could also mean that individual emails have been breached multiple times across different services. Unfortunately, people commonly reuse passwords, which means if a cybercriminal gains access to one password or account, they can potentially gain access to various accounts on different websites.

This is important because this kind of data is used in credential stuffing attacks to automate trying to log in to various services with stolen data. Since passwords are often reused, criminals run all this data against other accounts (Spotify, Netflix, Amazon or other paid subscription accounts), hijack them, and resell them.

Unfortunately, this data is out there now and new breaches are happening all the time. Luckily there are ways both individuals and companies can mitigate the damage. For individuals, using a password manager to create strong unique passwords is definitely a good idea. For companies, password expiration is now arguably a bad idea, but IT teams can monitor services like HIBP and let employees know when to change passwords after a breach. Companies can also cut down on the number of passwords running around by using single sign on (SSO) for their cloud services, and by enabling multi-factor authentication to make it harder for credential stuffing attacks to work. A cloud access security broker (CASB) can also alert IT teams when a strange login occurs so they can take action to protect their data.  

For more information, download the Top CASB Use Cases.

Healthcare Breaches and the Rise of Hacking and IT Incidents

By Jacob Serpa, Product Marketing Manager, Bitglass

Healthcare breach report 2019

In the course of their day-to-day operations, healthcare organizations handle an extensive amount of highly sensitive data. From Social Security numbers to medical record numbers and beyond, it is imperative that these personal details are properly secured. 

Each year, Bitglass conducts an analysis and uncovers how well healthcare organizations are protecting their data. In 2019’s report, we detail the state of security in healthcare as well as shed light on recent breach trends in the vertical. Read on to learn more.

Bitglass’ 2019 Healthcare Breach Report analyzes data stored in the Department of Health and Human Services’ “Wall of Shame,” a database wherein details about healthcare breaches are stored. By scrutinizing this data set, Bitglass uncovered information related to the size of healthcare breaches, the causes of healthcare breaches, the states in which these breaches occur, and much more, over the last few years. A snapshot of some of this data is provided below.

The rise of hacking and IT incidents

Over the last few years, the threat landscape has been shifting in healthcare. It used to be that lost and stolen devices were the leading contributor to exposed data. However, each year since 2014, the number of breaches caused by lost and stolen devices has decreased. At the same time, hacking and IT incidents have enabled more and more breaches each year – in 2018, they were the leading cause of breaches in healthcare. 

The decreasing numbers of healthcare breaches

Despite the above, 2018 saw the number of healthcare breaches reach its lowest point in the last few years. Obviously, this is good news. While healthcare firms need to do something to address the growing number of hacking and IT incidents that are exposing their data, the fact that the overall breach number is down still bodes well for the industry’s progress in securing sensitive data. 

To learn more about the above findings as well as other interesting facts and figures, download the full 2019 Healthcare Breach Report.