Loopli's latest Security Update is here and we are sharing it with you.
January was a very busy month in the world of Information and Cyber Security, with one of the largest data breaches ever. This breach has exposed over 26 billion data records, predominantly compiled from past breaches, and poses a serious threat to organisations worldwide. It has been dubbed the 'Mother of All Breaches' and is the latest in breaches of the supply chain affecting numerous businesses and their customer bases.
Affected Organisations Include:
Tencent QQ – 1.4 billion records
Weibo – 504 million records
Myspace – 360 million records
X/Twitter – 281 million records
Deezer – 258 million records
LinkedIn – 251 million records
Adobe – 153 million records
Canva – 143 million records
VK – 101 million records
Dailymotion – 86 million records
Dropbox – 69 million records
Telegram – 41 million records
Various public bodies in Brazil, Germany, the Philippines, Turkey, and the US
The exposed data extends beyond mere credentials, with Cybernews highlighting the sensitivity of the majority of records and encompasses a staggering 3,876 domain names within the exposed dataset.
How to minimise potential risks and impacts?
Here are our recommendations:
Implement Multifactor Authentication (MFA): Require multiple authentication factors for accessing sensitive systems and data to enhance security.
Enhance Password Hygiene Practices: Encourage users to create strong, unique passwords and avoid password reuse across multiple accounts.
Encrypt Sensitive Data: Utilise encryption methods to protect sensitive information both at rest and in transit, reducing the risk of unauthorised access.
Provide User Education and Awareness Training: Conduct regular training sessions to educate employees about cybersecurity best practices and raise awareness of potential threats.
Adopt Cybersecurity Standards: Consider adopting recognised cybersecurity standards such as Cyber Essentials or ISO 27001 to establish a robust security framework.
Conduct Regular Penetration Testing: Perform periodic penetration tests to identify vulnerabilities and weaknesses in systems and networks, allowing for timely remediation.
As always, maintaining a cautious approach and staying informed about cybersecurity best practices is crucial in safeguarding both, personal and organisational data.