Expert commentary: UberLeaks data breach
Following the news that Uber has suffered a new data breach after an attack on a vendor, with sensitive information being leaked online, here is the comment from Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions:
“All organisations should be working hard to ensure that sensitive customer and business data remains secure and protected. Given the current climate around data security and breaches, it is not overly shocking that Uber are experiencing such a data leak after experiencing two cybersecurity hacks earlier in the year; however, in this instance it appears that a third-party vendor was the target of the attack. Organisations such as Uber are a prime target for cyber criminals as they hold valuable data that criminals look for, including payment details, and users tend to re-use passwords across multiple sites. In this case, the email address data leaked by ‘UberLeaks’ is enough for cyber criminals to conduct future targeted phishing attacks against users, meaning Uber employees should be vigilant when it comes to emails from Uber support or from what appears to be a trusted vendor.
The fact that sensitive corporate data was stolen via a supply chain attack on a trusted vendor demonstrates the importance of due diligence when selecting vendors, as well as the need to regularly confirm that ongoing measures are being taken by vendors to keep themselves secure, along with your data. This attack was against an MDM vendor’s backup server that was hosted in AWS – it is so critical that backup systems are properly secured, and where possible that proven cloud solutions are deployed rather than home-grown solutions. Data management, migration and availability implementations should not take shortcuts to achieve their goals.
This also highlights why it is so critical to provide quality, regular security awareness training to all workers, and to operate regular penetration tests to find any lurking credentials or backdoors for attackers so that these can be locked down. Further, IT teams must implement cybersecurity technology such as email filtering, anti-virus protection, and sensible password policies to grapple with cybersecurity. Security awareness training should be implemented for staff from day one, ensuring they are vigilant in scrutinising the types of emails, messages and phone calls they receive. Additionally, data must always be securely backed up, so systems can be restored if needed. Finally, multi-layered cybersecurity controls must be deployed to help detect or block anything in the first place that breaches the first line of defence – the people of the organisation.
This story serves as a reminder for all organisations to invest appropriately in data protection and cyber defences, and wherever possible to ensure that they have their approach validated by trusted independent third parties to prevent cyber attacks from happening which leads to putting the details of employees at risk, just as Uber have done.”