This is a follow-up to my earlier post “Be aware of online data breaches” written on 5th June 2019.
Five years ago, in 2014 when two major cybercrimes happened, the stealing of 100 million credit card data at Target and about 100 terabytes of data of unreleased movies & more from Sony getting leaked, it shook the world and got everyone’s attention towards online data breaches. It felt like the awareness of being secure online was growing at every level of organizations, mainly in the corner offices. Then in 2018, Facebook-Cambridge Analytica came to light, a loud hue and cry followed and then total silence – everyone involved has been left off with a slap on the wrist – the world moved on.
The consequence has been, in my view, is that all the stakeholders at large companies have got a sense of impunity. With the advent of cloud computing and hunger for collecting a large volume of data to feed their AI/ML models, designing any system has become extremely complex. Most often, management may not be informed fully, the cost of protecting the data that gets stored. There can never be a fool-proof software system, but when everyone involved strives for a secure one you can get to reasonable levels of safety.
In this piece, I am not talking about the rise in Government Surveillance. For that, read my earlier post titled “The San Francisco’s Facial Recognition Ban and the questions it raises“
Now in 2019, aside from the data breaches (this is when a cybercriminal breaks into a system just a thief does in real-world), the rate of data leakages (data that has been left unprotected and found by passersby or was sold without the consent of the users) has been increasing. You had Brainwash, a café in San Francisco that had sold its live streaming camera’s footage to companies.
In the last few weeks alone, I have three notifications from Experian of data breaches of my email address from OxyData.IO (a company I never dealt with), Canva.com and ShareThis. I will urge those reading this to use the free service from Firefox called Firefox Monitor. It will let you know whether your email addresses is leaked or not. It is powered by have i been pwned?, a service run by my fellow Microsoft Regional Director and a renowned security expert Troy Hunt.
Finally, to appreciate the magnitude of this problem, see the report below for one of my email address. Over the last six years (2013-2019) one of my email address has been leaked in over 14 known data breaches.