You may have noticed an uptick in security incidents, most recently millions upon millions of compromised records associated with Facebook, Zoom, and Nintendo. These data breaches have impacted organizations of all sizes, exposing both consumer Personally Identifiable Information (PII) and sensitive business information.
In addition to the known exposure of some of these major data breaches, there’s another breed of incidents that are also being reported: those that compromise confidential information found on unnamed, unprotected databases with no clear understanding of who owns the data. Most recently, in March 2020, there was a report that more than five billion records were exposed after an “Elasticsearch ‘data breach database’ managed by a U.K.-based security firm and housing a trove of security incidents from the last seven years was left unprotected.” According to SC Magazine’s report, hashtypes, leak dates, passwords, email addresses, email domains, and leak sources were found to be included in the breach.
This type of data breach is not uncommon. For example, about a year prior to the unnamed security firm’s Elasticsearch data breach, security researchers discovered an unsecured server leaking 264GB of data belonging to Tech Data, an IT infrastructure company, exposing the bank and payment information, PII, company, and account details of its customers and employees. To put the scale of this leak in context, an unprotected database of just 24GB exposed the financial and mortgage information of 80 million American households in April 2019.
Data Breach Response
There are a number of resources available to help your business and your employees if you should experience a data breach. Here are a few that you may find useful:
- IdentityForce Infographic | Overcoming the Path of Data Breach Disruption During COVID-19
- Sontiq Infographic | 2020 Tips for Data Breach Victims
- Tom’s Guide | What to Do After a Data Breach
- Digital Guardian | Get tips from the Experts if You Think You are a Data Breach Victim
- IdentityForce | Data Breach Blog
Rapid Delivery of ID Theft Protection to Breach Victims
When the worst does happen, you want to ensure that those breach victims — whether your employees, partners, or customers — are protected with top-rated identity theft protection. At IdentityForce, we provide a RapidResponse Breach Program through our parent company, Sontiq, that equips you with what you need immediately — from codes to support and counsel to identity theft protection — to rapidly address and mitigate future potential threats to the business and the personal information you are responsible for.
Learn more about our Breach RapidResponse program here.