EXPLAINER: What is data breach and how to prevent it?
CEBU CITY, Philippines – Despite having a tech-savvy population, the Philippines continue to fare poorly in terms of cybersecurity.
Recently, a healthcare insurance provider was the latest victim by hackers after personal information of its over 2 million customers have been compromised.
READ: Why cybersecurity is crucial for any business
Maxicare latest victim of data breach
This is not the first time data breach hit the Philippines, one of the countries most vulnerable to cybersecurity threats worldwide.
READ: Cyberattacks in PH down 20% in 2023
In this explainer, CDN Digital will explain why hackers commit cyber-attacks such as data breach, and why it is important for netizens to protect themselves from cybercriminals.
What is data breach?
Data breach is just one of the many forms of cyberattacks out there, in which criminals steal or gain unauthorized access to data – be it personal or organizational.
Here in the Philippines, a report from the Department of Information and Communication Technology (DICT) showed that data leakage or data breach is the second most common type of cyber incidents, next to malware, accounting for 12.5 percent as of February 2023.
They can be carried out online and even in real life. And it can result in dire consequences like identity theft, additional financial losses, and even hurting the bottom line of businesses.
An individual stealing external hard drives containing sensitive information can be considered data breach, according to the International Business Machine (IBM).
Phishing, when cyber criminals use fake sites or manipulate unsuspecting users to give out sensitive information, is also a type of data breach or leakage.
One of the most rampant methods of phishing involved scammers asking for personal data like credit card details and bank account passwords by pretending as bank personnel.
Most hackers use the data they stole for profit, IBM added. They also sell the data themselves to other malicious actors in the dark web.
How it happens?
Data breaches can happen anytime and due to multiple reasons, including weak cybersecurity infrastructure and social engineering.
Insufficient security protocols around an organization’s digital assets can be exploited by hackers.
Meanwhile, phishing which usually falls under social engineering, deceives victims in releasing personal data and other confidential information.
Data breach can also occur when malicious insiders, or people with authorized access to confidential data, deliberately leak information or personal gain.
In some cases, cyber criminals use certain tools and programs to attack an individual or company’s cybersecurity measures in order to steal data.
In the case of Maxicare, the leaked data exposed detailed personal and booking information, which included first names, middle names, last names, units or vendors, companies, emails, and codes for rewards clubs.
Member-specific information such as full names, company identifications, 16-digit Maxicare card numbers, corporate code, account type, date of birth, sex, mobile numbers, email addresses, and VIP statuses was also part of the leak.
What to do
Fortunately, data breach can be prevented in multiple ways. For one, individuals are advised not to connect to unsecured network like public WiFi as hackers can easily transmit malware to steal sensitive information via this route.
For companies and organizations, experts suggest investing in critical cybersecurity infrastructure as well as employees who have the skills and knowledge to counter cyber threats before they can attack their digital assets.
Simply downloading updated security patch can also help reinforce a device’s ability to counter cyber threats like detecting possible malware from suspicious websites.
In addition, experts continually remind everyone not to give out personal information like card numbers, one-time-passwords (OTP) to anyone. Even bank institutions never voluntarily or actively ask for these details.
And last but not the least, educating and informing the general public on best practices to avoid falling victims into social engineering can also help prevent data breach from happening. /with reports from INQUIRER.net, Philippine Daily Inquirer
Sources
- What is a Data Breach & How to Prevent Data Leaks (kaspersky.com)
- What is a Data Breach? | IBM
- Maxicare latest victim of data breach (inquirer.net)
/clorenciana
Disclaimer: The comments uploaded on this site do not necessarily represent or reflect the views of management and owner of Cebudailynews. We reserve the right to exclude comments that we deem to be inconsistent with our editorial standards.
