What causes a data breach and how to prevent one
Data breaches have a devastating impact on most businesses, especially those that are unprepared to deal with the fallout. Today’s news is rife with stories of breaches at major companies across the world, and the frequency and severity of data breaches are undoubtedly increasing.
According to the Office of the Australian Information Commissioner (OAIC), there were 24 large-scale data breaches (affecting 5000+ Australians) reported between January and July 2022, compared with 18 large-scale breaches in the previous period between July and December 2021.
No business wants to experience compromised customer information, or internal business data, transaction history or any other secure information being breached. There is immediate financial impact associated with breaches, in addition to a loss in trust, customer sentiment and reputation over time.
Because of this, it’s vital to know what causes a data breach, why they are increasing and how they can be avoided.
Data breaches in the healthcare industry
The healthcare industry is prone to data breaches due to the frequency of information exchanged between individuals and companies delivering health services.
According to ABC News, the Australian health services industry reported 79 data breaches from January to June 2022. Perhaps the most notable of the latest breaches is the Medibank hack, where criminals were responsible for stealing customer data before releasing it on dark web forums.
The stolen data from this breach included addresses, names, phone numbers and other personal information, including health claims data. While no credit card information has been reported as stolen, Medibank noted that almost 10 million current and former customers have been affected by the breach, including a large cohort of international students.
Under the Notifiable Data Breach scheme, businesses and organisations are obliged to report breaches to the OAIC if personal information has been revealed.
Advice on data breach prevention
The Australian Cyber Security Centre (ACSC) regularly publishes advice on how to mitigate data breaches for consumers and businesses. They note that malicious or criminal attacks are the leading cause of data breaches, emphasising the importance of improving awareness around the potential for cyber attacks.
For example, cyber criminals are known to use deliberate tactics in order to gain access to employees’ organisational credentials. This enables the exploitation of private or personal information, which includes data protected under the Privacy Act 1988.
There are specific prevention strategies recommended by the ACSC, including the training of employees in cyber security systems, and the implementation of cyber security awareness programs.
There are two main areas that your business can focus on to start increasing awareness around the potential for data breaches and cyber attacks. The ACSC advises the following measures to reduce the chance of data spills, breaches and other cyber security incidents:
1. Passwords
- Ensure all users periodically reset passwords to reduce the ongoing risk of credential compromises.
- Increase password length and complexity requirements to mitigate the risk of brute-force attacks being successful.
- Consider implementing a lockout for multiple failed login attempts.
- Reset passwords as soon as possible if credentials have been compromised.
- Discourage users from reusing the same password across critical services such as banking and social media sites.
- Use strong passphrases that are not based on simple dictionary words or a combination of personal information: this reduces the risk of password guessing and simple brute-forcing.
- Inform users to use new passwords that do not follow a recognisable pattern: this reduces the risk of intelligent brute-forcing based on previously stolen credentials.
2. Security systems
- Use multi-factor authentication for all remote access to business systems and for all users when they perform a privileged action or access an important data repository.
- Be aware of unusual account activity or suspicious logins: this can help determine when a service, such as an email account, has been compromised and needs a password reset.
- Encourage staff to think carefully before entering credentials; they should avoid clicking suspicious links, including those from friends or colleagues who may have had their accounts compromised.
- Ensure operating systems, browsers and plugins are updated with the latest patches and fixes, while maintaining the quality of the infrastructure.
- Keep anti-virus protections up-to-date to help guard against malware that steals credentials.
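Two of the measures above (locking an account after repeated failed logins, and watching for unusual account activity that should trigger a password reset) can be checked mechanically from authentication logs. The following is an added example, not code from the article or from the ACSC: a small Python script that runs a sliding-window lockout check and a suspicious-login check over constructed log lines. The log format, the user names, the IP addresses, the "known source" list and the thresholds (5 failures in 10 minutes for lockout, 3 failures before a success for a suspicious login) are all assumptions made for the example.

```python
"""Added example (not from the original article or the ACSC): a minimal
failed-login lockout and suspicious-login check run over constructed
authentication log lines. The log format, IP addresses and user names are
invented for the example and are not from any real system."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: one line per login attempt.
SAMPLE_LOG = """\
2022-06-01T09:00:01 user=alice result=success src=10.0.0.5
2022-06-01T09:05:10 user=bob result=failure src=203.0.113.9
2022-06-01T09:05:12 user=bob result=failure src=203.0.113.9
2022-06-01T09:05:15 user=bob result=failure src=203.0.113.9
2022-06-01T09:05:17 user=bob result=failure src=203.0.113.9
2022-06-01T09:05:20 user=bob result=failure src=203.0.113.9
2022-06-01T09:05:22 user=bob result=success src=203.0.113.9
2022-06-01T10:30:00 user=alice result=failure src=10.0.0.5
2022-06-01T11:00:00 user=alice result=success src=10.0.0.5
2022-06-02T02:14:00 user=carol result=success src=198.51.100.77
"""

# Constructed "usual" source addresses per account (e.g. the office network).
KNOWN_SOURCES = {"alice": {"10.0.0.5"}, "bob": {"10.0.0.6"}, "carol": {"10.0.0.7"}}


def parse_auth_log(text):
    """Parse the constructed 'timestamp key=value ...' lines into event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts_str, *fields = line.split()
        kv = dict(f.split("=", 1) for f in fields)
        events.append({"ts": datetime.fromisoformat(ts_str), "user": kv["user"],
                       "ok": kv["result"] == "success", "src": kv["src"]})
    return events


def find_lockouts(events, threshold=5, window=timedelta(minutes=10)):
    """Return {user: time} of the first moment each account should be locked:
    `threshold` failures inside a sliding `window`. A successful login clears
    the failure history, as a real lockout counter would."""
    recent = defaultdict(deque)
    lockouts = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        user = ev["user"]
        if user in lockouts:
            continue  # already locked; further attempts are not counted
        if ev["ok"]:
            recent[user].clear()
            continue
        q = recent[user]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:
            q.popleft()  # drop failures older than the window
        if len(q) >= threshold:
            lockouts[user] = ev["ts"]
    return lockouts


def flag_suspicious_logins(events, known_sources, burst=3, window=timedelta(minutes=10)):
    """Flag successful logins that come from a source the account has not used
    before, or that follow `burst` or more failures within `window`: the pattern
    of a guessed or phished password that should trigger a password reset.
    Returns a list of (user, time, reasons)."""
    findings = []
    failures = defaultdict(deque)
    for ev in sorted(events, key=lambda e: e["ts"]):
        user = ev["user"]
        q = failures[user]
        while q and ev["ts"] - q[0] > window:
            q.popleft()
        if not ev["ok"]:
            q.append(ev["ts"])
            continue
        reasons = []
        if ev["src"] not in known_sources.get(user, set()):
            reasons.append("login from unfamiliar source %s" % ev["src"])
        if len(q) >= burst:
            reasons.append("%d failed attempts in the preceding %s" % (len(q), window))
        if reasons:
            findings.append((user, ev["ts"], reasons))
        q.clear()
    return findings


def run_example():
    """Run both checks over the constructed log and return plain data for review."""
    events = parse_auth_log(SAMPLE_LOG)
    lockouts = {u: t.isoformat() for u, t in find_lockouts(events).items()}
    suspicious = [(u, t.isoformat(), r)
                  for u, t, r in flag_suspicious_logins(events, KNOWN_SOURCES)]
    return {"events": len(events), "lockouts": lockouts, "suspicious": suspicious}


if __name__ == "__main__":
    for key, value in run_example().items():
        print(key, value)
```

On the sample data the lockout check locks `bob` at the fifth failure, and the suspicious-login check flags two successful logins for follow-up: `bob`'s success from an unfamiliar address straight after the burst of failures, and `carol`'s success from an address the account has never used. The design point is that a lockout alone does not catch the second case; the "unusual activity" check in the ACSC list is a separate control and needs a baseline of what normal access looks like for each account.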
3. Data governance
Data governance is a growing challenge for many organisations, further complicated by a variety of constantly changing new laws, as well as architecture requirements, data stewardship and a general lack of stakeholder awareness.
Effective data governance involves educating employees about data breaches and compliance violations, while learning about and complying with all applicable laws. It’s also essential to implement efficient governance policies (for example, this Data Breach Policy from the UNSW), in addition to a strategically planned Data Breach Management Procedure.
A successfully developed data governance framework ensures that only the correct type of data is being collected and managed through its lifecycle.