Feature

Unprecedented Data Breach Exposes Over 26 Billion Records: Protective Measures You Can Take

In what’s being termed as the Mother Of All Breaches (MOAB), a staggering compilation of over 26 billion records and nearly 12 terabytes of data has been leaked online. This colossal breach includes data amalgamated from past breaches and possibly new ones, encompassing user information from prominent sites such as Canva, Adobe, LinkedIn, Tencent, Weibo, X (formerly Twitter), Dropbox, and Telegram.

The discovery was made by a collaborative team of researchers from CyberNews and Security Discovery. The data set was found on a publicly accessible webpage, as disclosed by Bob Diachenko, Cyber Threat Intelligence Director at Security Discovery. He revealed the data set’s association with a dubious database lookup service, offering access to its engine for a fee.

Charles Finlay, Executive Director of the Rogers Cybersecure Catalyst at Toronto Metropolitan University, warns about the compounded risk this assembled data poses. Malicious entities can potentially exploit this extensive information pool, a concern that follows a series of high-profile ransomware attacks targeting both private and public institutions.

Recent incidents, including ransomware attacks on the Toronto Zoo and the Toronto Public Library system, have exposed sensitive employee information. Such breaches highlight the vulnerability of public institutions, which are increasingly lucrative targets due to often outdated and underfunded infrastructure. However, private institutions are not immune, as demonstrated by the massive hack of Capital One in 2019, compromising the information of over six million Canadians.

According to Finlay, the surge in ransomware and other sophisticated cyberattacks is part of a broader, escalating trend. He sheds light on the typical ramifications of ransomware attacks, such as infrastructure disabling or threats of leaking sensitive data onto the dark web. The MOAB or data obtained from such attacks can fetch a high value on the dark web, potentially being used for identity theft, fraud, or phishing attacks.

In response to these threats, Finlay recommends assuming that personal data is already compromised to some extent. He advocates for credit monitoring services as a defense against severe attacks and identity theft. These services are often provided to victims of ransomware attacks, as seen in the Toronto Zoo incident.

To bolster individual data security, Finlay emphasizes the importance of cyber hygiene. He advises creating complex, frequently changed passwords, staying vigilant about potentially harmful emails, and avoiding suspicious links. Additionally, Diachenko recommends enabling two-factor or multifactor authentication and avoiding password repetition.

However, addressing the broader issue requires more than individual vigilance. Finlay calls for significant, continued investment in cybersecurity across all levels of government to combat the escalating threat landscape. As society and the economy become increasingly digitized, understanding and adapting to this “new normal” of frequent data breaches is paramount.

Leave a Reply

Your email address will not be published. Required fields are marked *