Cybersecurity breaches are becoming a serious concern for organisations. According to a study by IBM Security, the cost of a data breach has risen by 12% over the last five years. Today, the average data breach costs organisations about US$3.92 million.
In this article, we list some of the biggest data breaches that occurred in the ASEAN region in 2019. If we take a closer look at the breaches, we will see a common thread as to why and how they happened, as well as how the incidents could have been avoided.
Astro – After experiencing a huge data breach in 2018, Astro experienced another breach in 2019. The organisation went on to confirm that its customers’ personal data, such as names, identification numbers, dates of birth, gender, race and addresses, were leaked. While Astro reps claim that they have improved their data protection, this incident proves that cybercriminals can (and will) attack the same organisation more than once, and that a stronger security posture as a whole is needed.
Malindo Airlines – Probably the biggest breach involving an airline in the region. Malindo Airlines reported that two former employees of its e-commerce contractor were responsible for a data breach resulting in personal data of millions of passengers being leaked onto data exchange fora. To prevent this from happening, companies should first and foremost improve data security in order to have better control over who has access to their data. For instance, they need to remove access and change passwords whenever employees leave the company. The whole process can be automated and simplified with a combination of modern privileged access management and access control solutions.
Ministry of Defence Singapore – Primary investigations by Singapore authorities revealed that two malware incidents could have led to the leak of personal data of thousands of personnel from the Ministry of Defence (Mindef) and the Singapore Armed Forces (SAF). The incidents involved third-party vendors. This breach shows how organisations need more visibility into their data, especially when using third-party vendors to work on sensitive data. Access management would again play a crucial part here, while advanced malware detection and protection could significantly help protect employee endpoints from being exploited to initiate a breach.
Indonesian ‘Kartu Keluarga’ Family Card – Stolen data records of millions of Indonesian citizens were reportedly being sold on several underground marketplaces. The data contained personally identifiable information, including full names, addresses, identity card numbers, dates of birth, full details of family members and other details commonly found in Kartu Keluarga records. This is another example of a case where uncontrolled access and authorisation to data have led to massive data leaks. Organisations must have visibility into their corporate data. There are now solutions that allow them to monitor and enforce a wide range of policies, including sensitive data access, database change control, and privileged user actions. Therefore, being overwhelmed by a large number of users and data across heterogeneous environments should no longer be an excuse.
Toyota – While Toyota’s biggest attack was in Japan, affecting 3.1 million customers, its subsidiaries in Thailand and Vietnam were also affected. According to reports, hackers gained unauthorised access to databases revealing names, contact information, birth dates and employment status. However, Toyota said no customer credit card information was revealed. For this breach, it was reported that the hack originated from a hacker group in Vietnam. However, Toyota was able to detect the breach and implement enhanced security measures for its dealers across the entire corporation, meaning it was able to prevent the attacker from getting more information.
Sephora – A data breach exposed the personal information of customers, including data relating to beauty preferences. Customers who have used Sephora’s online services in Singapore, Malaysia, Indonesia, Thailand, the Philippines, Hong Kong, Australia and New Zealand were affected by the breach, in what likely seems to be a case of espionage. What we can learn from this breach is that, besides gaining control over sensitive data, organisations must ensure they are well protected against other threats such as malware, online fraud and identity theft, which are becoming more rampant as the value of data continues to rise.
So how can organisations avoid breaches from happening? There is no single solution or a “silver bullet” that can make all of an organisation’s security issues go away. Based on the incidents we have highlighted above, at the very heart of it lies the urgent need for organisations to have visibility and control over their data.
Without first knowing what sensitive data they have and where the data is stored, they won’t be able to protect the data from internal and external threats, minimise risk and adapt to IT-related changes that may impact data security.
The next most obvious answer is for enterprises to take a layered approach to close exploitable security gaps and vulnerabilities, especially when third parties are involved.
This all sounds complicated, but established technology vendors like IBM have over the years developed an ecosystem which makes it possible for data-driven organisations to have that layered approach to data security.
For instance, IBM Guardium is a data security platform that enables organisations to discover, analyse, monitor and protect sensitive data across complex environments. It is undoubtedly comprehensive and effective, but it cannot work alone.
Depending on the needs of the company, Guardium can be seamlessly integrated with a range of security solutions for privileged access management, advanced malware detection, online fraud protection, access control, multi-factor authentication and many more.
The biggest lesson we should take from all this is that securing data in the digital age requires a holistic approach that can simplify complexities, automate processes within different security domains, and work together in a synergistic manner.