Last week security researcher Bob Diachenko of Security Discovery revealed that he identified 800 million unprotected records stored in a “150GB-sized MongoDB instance online.” He was able to find them through searches on the open web, as the instance was not secured with a password. Within the trove were records containing emails, phone numbers, and business leads. According to Diachenko:
Following the reveal, multiple news outlets reported on the breach. Several stories included commentary from Dtex, which highlighted how cloud data exposures are becoming a leading insider threat trend. A couple that leveraged Dtex expertise included:
The Register: That marketing email database that exposed 809 million contact records? Maybe make that two-BILLION-plus, by Thomas Claburn. Writes Claburn:
SC Magazine: Unprotected MongoDB database exposes 763M unique email addresses, ‘business intel’, by Teri Robinson. According to Robinson:
Read Diachenko’s full blog: 800+ Million Emails Leaked Online by Email Verification Service
This example of how user negligence impacts security is of course not the only one rocking headlines. Another story revealed how a basic misunderstanding of how cloud sync-and-share services work has led to breaches across several companies. According to a TechCrunch headline, Dozens of companies leaked sensitive data thanks to misconfigured Box accounts. According to the story:
Read more about how frequently insiders are exposing data in the cloud and get tips on how to avoid such errors in the Dtex 2019 Insider Threat Intelligence Report
Malicious Intent
The malicious insider threat drives many headlines, despite being responsible for a small percentage of incidents. When malicious actors are detected, forensic analysis of their crimes often reveals catastrophic outcomes, as was the case with Edward Snowden and a few other criminal insiders of his kind. According to The New York Times, global retailer Walmart was allegedly attacked by a malicious set of insiders who were engaged in a form of business espionage. In Walmart Vendor’s Employees Face F.B.I. Inquiry for Snooping on Retailer’s Internal Emails, writers Michael Corkery and Adam Goldman reported:
And…
Later in the story, the writers reveal how the bad actors were detected and point out that Walmart added measures to identify nefarious actions that may occur in the future:
In this case the malicious insiders didn’t just get the information they were after, they also got caught, albeit after the fact. If ever there have been examples of why monitoring is needed to understand how insiders are interacting with data and systems in real time, the incidents above provide an ample set of use cases.
Click to learn more about how the Dtex Advanced User Behavior Platform addresses insider threat types like the ones highlighted in this week’s blog.