In the age of social media and data breaches, it’s easy to take our cyber security for granted. But there are still plenty of companies out there who are not taking the necessary precautions to ensure their data is secure. There was a major data breach at CommuteAir recently that exposed private information about its customers—and it could have been prevented if only someone had taken a few simple steps.
You may have heard of the data breach at CommuteAir. This hack was as simple as it was devastating: all it took was one person and the entire database is at risk. The hacker accessed information stored in clear text, including user passwords and security questions, then posted these on Reddit for anyone else to see.
Password and security question information should never be stored in clear text because an attacker can easily access them by simply looking at the database—and there’s no way to prevent this from happening if you don’t encrypt your data first! Encryption would also prevent tampering with these values after they’re inputted into your system; otherwise, someone could change their own password or recovery questions without needing access to them first.
The database was exposed for over a month before being taken down. While it’s unclear how many people actually accessed the database, it’s not the first time sensitive data has been exposed due to lax security practices. In 2017, a database containing information on 191 million American voters was left unsecured by political analysis company Deep Root Analytics. The company originally blamed the exposure on “unauthorized access,” but later admitted that it had left its servers vulnerable due to an employee accidentally leaving an account open after accessing the database while logged into another service with his credentials.
An additional example of the exposure sensitive data due to lax security practices is the 2017 cyber attack on Equifax. It exposed personal information of 143 million Americans, including social security numbers (SSNs). The attack was caused by a vulnerability in an Apache Struts web application that was used in the company’s website.
The key takeaway from these incidents is that companies must be aware of their risks and prepare for cyber attacks. They need to have an incident response plan ready so they can respond quickly and effectively when they are hit by hackers or other malicious actors who want to disrupt business operations through cyberattacks.
This latest incident additionally highlights the importance of storing and taking proper care of your firms’ databases and data silos—especially if those databases contain sensitive information like personal details or financial records that could affect your business and customers and employees livelihood and safety if they were leaked or stolen by malicious actors.
The CommuteAir hack should serve as a wakeup call to companies that aren’t using secure data storage. Data breaches can have serious consequences, and it’s important for businesses to be aware of the risks and take steps to mitigate them.
The CommuteAir hack is particularly significant because it gives us insight into how easy it can be for outsiders to gain access to sensitive information. Companies need to ensure they’re doing everything they can—including following strict security practices—to protect their data from being exposed or stolen by hackers.
Cyber security is just as important as physical security.
A hacker can get into your server and steal data like credit card numbers, social security numbers, and other personal data that can be used for identity theft or fraud. Hackers can also use the information they steal to blackmail you or extort you.
Companies need to make sure their servers are secure and that lapses are reported immediately.
The attack on the Terrorist Screening Centers No-Fly list showed how easily hackers can gain access to sensitive data about individuals. It’s important for companies to keep their employees informed about what data they collect and why, as well as how it’s stored and secured. This can help prevent attacks on companies IT infrastructure and sensitive data.
So what steps can you take to increase the protection on your company’s servers and both safeguard sensitive data as well as get notified immediately if unauthorized actors try to access your data?
The answer is simple: You should install Codenotary‘s open source immutable database immudb. immudb provides a fast and reliable immutable database, that is easy to set up and easy to use. It is tailored towards both performance and flexibility, allowing millions of transactions, flexible data structures and signatures using public-key cryptography. Tamper protection is guaranteed by neither allowing the mutation or overwriting of data. APIs are provided and multiple versions of the same key co-exist and are verifiable. Data ownership is also externally verifiable. immudb additionally includes a tamper-evident history system, as well as real time cryptographic proof of historical consistency and data inclusion. Any attempted tampering will lead to clients and auditors receiving notices.
The CommuteAir hack shows the importance of cyber security. Lax security measures allowed anyone with an internet connection to access their data and though the consequences were not as serious as they could have been, companies still need to make sure their servers are secure, and if there is a breach of any kind, they should report it immediately so that others can take preventative measures against similar attacks.
A simple way to immediately increase the protection of your sensitive data is using immudb. A fast and flexible open source immutable database with measures to keep clear track of any changes to your data, immudb is the solution for you to minimize your databases vulnerabilities.