Expert commentary on the Duolingo data leak and the CloudNordic ransomware attack
August 2023 by OpenText
After the news of data from 2.6 million Duolingo users has been leaked on a hacking forum broke this morning as well as reports that Danish cloud provider CloudNordic has told customers to consider all of their data lost after a serious ransomware infection.
For the Duolingo data leak, Steven discusses why the incident with the learning platform is a key reminder for businesses to they have clearly defined security policies and procedures in place and offers advice on how to cope from a reputational standpoint.
On the CloudNordic story, Steven delves into how ransomware attacks continue to be one of the most prominent and persistent threat for organisations’ data and shares ways to limit future attacks like this.
Steven Wood, Director, Sales Engineering, OpenText comment on the Duolingo data leak:
“The Duolingo data leak is a vital reminder to businesses in possession of personal data to make sure their cyber defences are robust. Once sensitive information is exposed, like it has been for the 2.6 million users in this case, it can be used for extremely targeted social engineering attacks on the customers involved.
Organisations in every sector increasingly rely on digital technologies to deliver their services; therefore, the key learning lesson for businesses that hold private information should ensure they have clearly defined security policies and procedures to avoid any information leak. In this instance, an exposed API has provided an open gateway for cybercriminals to scrape personal data from, and this may have been avoided by a thorough auditing of the API environment together with application security scanning to detect associated vulnerabilities.
From a reputation protection standpoint, being in the spotlight for data protection transgressions is not good for business. This story serves as a reminder for all organisations to invest appropriately in application security, data protection and cyber defences, and wherever possible to ensure that they have their approach to data security validated by trusted independent third parties, against technical controls.
Steven Wood, Director, Sales Engineering, OpenText comment on CloudNordic ransomware attack:
“The case of CloudNordic is a sad but not surprising example showing the power of ransomware attacks on organisations worldwide. Ransomware attacks continue to be one of the most prominent and persistent threat for organisations’ data and can cause immense damage to the public and private sectors. As is almost always the case, the ultimate victim is not just the company, but also its end-users. In the case of CloudNordic, which opted to destroy all of its ransomed data rather than pay its attackers, the negative impact on customers is crystal clear.
In terms of what the company should have done, it is impossible to say whether the losses that occurred this way are any less significant than if they had paid the ransom and retrieved affected customer data. Unfortunately, there is no one-stop-shop solution for safeguarding organisations’ data and eliminating the possibility of an attack. To limit the impact of these attacks and maximise cyber resilience, companies should have clearly defined security policies and procedures to avoid data and information leaks. This starts with employee education, specifically security awareness training programmes which can inform employees on the latest threats and information security, social engineering, malware, and industry-specific compliance topics. Attack simulations can also be used to automatically send users for re-education should any training issues be identified.
In cases such as these, reliable backups of all data is the most crucial part of the cyber security posture. Automatic, tested and validated backup can avert the need to destroy valuable data and can go a ling way to mitigating reputational damage. Organisations should ensure they are working with a technology provider who understands security challenges and who can supply mature, secure backup solutions to uphold your cyber resilience strategy.”