What is a Data Leak? 6 Common Causes for Data Leak | Fortinet (2024)


Data Leak Meaning and Examples

A data leak happens when an internal party or source exposes sensitive data, usually unintentionally or by accident. The results of a data leak can range from loss of information to malicious exploitation. Often, data leaks lead to data breaches.

How Do Data Leaks Happen?

  1. Weak infrastructure: An improperly configured network infrastructure can allow data to be leaked, causing loss or even misuse. For example, cybersecurity company Cognyte left a massive database unsecured, with no authentication or authorization required for access. As a result, more than 5 million records were exposed online.
  2. Human error: Recent statistics reveal that human error is the primary cause of data leaks and breaches. Human error can cause leaks of various degrees, from an email sent to the wrong people to massive leaks caused by stolen credentials. An example is the massive data loss (almost 23 terabytes) suffered by the city of Dallas due to employee negligence in 2021.
  3. System error: System errors can leave networks vulnerable. In 2019, a Facebook vulnerability that has since been fixed allowed scammers to scrape the personal data of over 530 million Facebook users across 106 countries, including their email addresses, phone numbers, locations, and other details. In 2021, the data was posted on a hacking forum.
  4. Third-party vulnerabilities: Third-party applications and vendors may need access to your system or network, but they can pose a risk. An example was the Marriott data leak in 2020. Hackers took advantage of a third-party application to access over 5 million guest records.
  5. Malicious insiders: Leaks caused intentionally by malicious insiders are not as common as accidental leaks. In 2021, four lawyers at the Elliott Greenleaf law firm allegedly stole and deleted company files to help a competing law firm open a new office.

According to a recent report by the Identity Theft Resource Center (ITRC), in 2021, data compromises went up by almost 70%, which is almost 25% more than the previous all-time high record set in 2017.

The average yearly cost of data breaches was nearly $4.5 million in 2021, so it is no wonder that more organizations are now implementing data protection measures to prevent data leakage and the consequences associated with it, such as regulatory fines, lawsuits, and loss of customer trust.

Data Leak vs Data Breach: What Is the Difference?

While many use the terms "data leak" and "data breach" interchangeably, there is a difference between the two. A data leak often comes from within the organization either by accident or intent, while a data breach occurs when confidential or otherwise protected information is accessed, stolen, or used by outsiders without authorization.

Most often, data leaks are an accident, the result of mishandled information, while data breaches are carried out for malicious intent. For example, in a ransomware attack, confidential data is breached, encrypted, and then lost or exposed if the ransom isn’t paid.

A data breach can also be a tactic for espionage or a way to gain access to proprietary information, including trade secrets and intellectual property. Some data breaches are carried out as a form of protest or hacktivism to expose an organization and damage its reputation.

While a data leak may not result in a data breach, data leaks should be prevented to avoid loss or corruption of data.

4 Types of Data Leaks and Their Consequences

1. Shadow IT

Employees contending with heavy workloads and very stringent deadlines may use workarounds and unapproved third-party applications and solutions to get things done. The resulting infrastructure is called “shadow IT.” Some unsanctioned third-party applications and technology employees are likely to use may include:

  1. Cloud technology and storage
  2. Software-as-a-Service (SaaS) applications
  3. Web applications

Although employees using their own systems and devices can help with productivity, the risk is that shadow IT can lead to unauthorized access to data in the cloud, which can result in information leakage, changes to the data by unapproved users, and data corruption. Additionally, shadow IT creates blind spots for IT teams who may not become aware of the data leak until it is too late.

2. Legacy Tools

Despite technological advances, numerous organizations and their employees are still using certain legacy tools, such as external USB drives, desktop email applications, and public printers. While there is nothing inherently wrong with these tools, they can cause a leak. Imagine an employee losing a USB drive containing sensitive data in a public place. Or imagine private company documents being printed at home or a public printing center.

3. Privileged or Business Users

In 2018, Twitter urged its 330 million users to change and update their passwords after a bug exposed them. This was the result of a problem with the hashing process, which Twitter uses to protect its users’ passwords. The social networking site claimed it found and fixed the bug, but this is a good example of potential vulnerability exploits.

Twitter also suffered a potential breach in May 2020, which could have affected businesses using its advertising and analytics platforms. An issue with its cache saw Twitter admit it was “possible” that some users’ email addresses, phone numbers, and the final four digits of their credit card numbers could have been accessed.

4. Phishing

Phishing continues to be a popular way to attack businesses—because it works. Phishing tactics can expose and allow exploitation of sensitive company data if an employee:

  1. Clicks on a malicious link in an email
  2. Shares credentials with others
  3. Falls for social engineering scams

The consequences can range from unauthorized data access to the installation of malware and other malicious files.

Six Common Causes of Data Leak

Because data leaks typically stem from internal issues, much can be done to identify vulnerabilities and apply preventative strategies. Additionally, staff members can be trained on best practices to reduce the threat of human error.

Here are some of the most common causes of data leaks:

1. Bad Infrastructure

Bad or weak infrastructures are made up of systems that are not configured properly or not maintained regularly. The wrong settings and permissions during initial configuration can lead to unauthorized access or insufficient security. Delays in maintenance, such as patching software or repairing and replacing bad components, can also lead to data exposure.

2. Social Engineering Scams

While social engineering scams may seem like an external attack, they are only successful if the target falls for them. Using emails and social media, criminals may seek to exploit unsuspecting employees to gain access to their organization’s network, system, or finances.

3. Poor Password Policies

Poor password policies, such as using the same credentials for multiple accounts and logins or not creating passwords that are complex enough, can lead to data leaks. Because malicious parties know that many people tend to reuse passwords for various accounts, once they successfully steal a user's password or convince them to reveal it, they will attempt to access as much data as possible.

4. Lost Devices

Lost or stolen laptops, USB storage devices, mobile phones, and other devices can result in major data leaks. Especially because more workers are now remotely accessing systems from various locations, these devices can become a doorway into an organization's network.

5. Software Vulnerabilities

Outdated software or software that has not been recently patched can put sensitive data at risk. Criminals may also create a vulnerability in open-source applications by writing it into the code.

6. Old Data

Most companies grow, expand, and evolve. Employees come and go, infrastructures are upgraded, and systems change, which may leave old data unprotected or exposed.

Four Ways Criminals Exploit Data Leaks

1. Social Engineering

In social engineering scams, the perpetrator first attempts to gain and then exploit the user's trust. They usually send an email enticing the recipient to click on a link that installs malware or another malicious program on their computer. Or they may use phishing attacks to get them to reveal credentials, financial or personal information, or convince them to make an unauthorized transaction.

2. Doxxing

Doxxing is a form of bullying or harassment and entails acquiring and then publishing the information of a person or company without their permission. Once sensitive or personal information becomes public, it can be used to gain access to online accounts, bank accounts, or credit card accounts.

3. Surveillance and Intelligence

Data from a leak can be used to blackmail certain entities, shape public opinion, manipulate outcomes, and gain favor. It can be very damaging but effective, particularly in politics and business espionage.

4. Disruption

People who exploit data leaks may misuse information to disrupt the operations of target organizations, such as businesses or government bodies.

How To Fix a Data Leak: 3 Quick Steps

Prevention is better than cure, so whether you are trying to contain a data leak or preventing it from happening in the first place, here are some steps to take:

1. Validate Cloud Storage Configurations

Cloud storage can easily become the source of a leak, so make sure it is secure when you first set it up and then periodically as your organization expands and evolves. Establish that the system is working as intended.

2. Automate Process Controls

As your organization grows, it can be difficult to ensure consistency and security. Automation can help because computers can handle the workload better than humans. Documenting and standardizing process controls ensure security policies that safeguard cloud storage are enforced.

3. Monitor Third-party Risk

Allowing third parties to access your systems is often a necessary risk, but data leaks can be minimized through vigilant monitoring. This is particularly important because your company is responsible for data security compliance, even if a leak is caused by a third party.
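
The three steps above can be combined into one automated check. The following is an added example, not part of the original article or any Fortinet tooling: it audits S3-style bucket policies for public grants and for access by accounts that are not on an approved vendor list. The bucket names, account IDs, and the allowlist are constructed for illustration.

```python
import re

# Constructed sample inventory of S3-style bucket policies (names and account IDs are made up).
OWN_ACCOUNT = "111111111111"
APPROVED_THIRD_PARTIES = {"222222222222"}  # hypothetical vendor allowlist
INVENTORY = {
    "hr-exports": {"Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::hr-exports/*"}]},
    "vendor-dropbox": {"Statement": [
        {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::222222222222:root"},
         "Action": "s3:PutObject", "Resource": "arn:aws:s3:::vendor-dropbox/*"},
        {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::333333333333:root"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::vendor-dropbox/*"}]},
    "app-logs": {"Statement": [
        {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111111111111:role/app"},
         "Action": "s3:PutObject", "Resource": "arn:aws:s3:::app-logs/*"}]},
}

def principals(stmt):
    """Normalize the Principal element to a flat list of strings."""
    p = stmt.get("Principal", [])
    if isinstance(p, dict):
        p = p.get("AWS", [])
    return [p] if isinstance(p, str) else list(p)

def audit(inventory):
    """Return sorted (bucket, finding) pairs for risky Allow statements."""
    findings = set()
    for bucket, policy in inventory.items():
        for stmt in policy.get("Statement", []):
            if stmt.get("Effect") != "Allow":
                continue
            for who in principals(stmt):
                if who == "*":
                    # A Condition may narrow a wildcard grant, so label it for manual review.
                    kind = "public-conditional" if stmt.get("Condition") else "public"
                    findings.add((bucket, kind))
                    continue
                m = re.search(r"\b(\d{12})\b", who)
                acct = m.group(1) if m else None
                if acct and acct != OWN_ACCOUNT and acct not in APPROVED_THIRD_PARTIES:
                    findings.add((bucket, f"unapproved-account:{acct}"))
    return sorted(findings)

if __name__ == "__main__":
    for bucket, finding in audit(INVENTORY):
        print(f"{bucket}: {finding}")
```

Running a check like this on a schedule, against a fresh export of the policies, covers the periodic re-validation described in step 1 without relying on manual review.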

Frequently Asked Questions about Data Leaks

1. What is a data leak?

A data leak refers to an event in which an internal party or source exposes sensitive data, usually unintentionally or by accident. The results of a data leak can range from loss of information to malicious exploitation. Often, data leaks lead to data breaches.

2. How does a data leak happen?

A data leak happens when someone from within the organization inadvertently exposes confidential data. It is often the result of outdated systems, poor password policies, stolen or lost devices, and software vulnerabilities.

3. How to fix a data leak?

Prevention is better than cure, so whether your security team has identified a data leak that needs to be contained or they are preventing leaks from even happening, they must ensure cloud storage configurations are correct, automate process controls, and monitor third-party risk.

Article information

Author: Stevie Stamm
