The 'Mother of All Breaches' Just Happened — Here Are the Security Implications for Businesses
If your business exists online, chances are some percentage of your customers' data was leaked in what cybersecurity specialists boldly labeled the "mother of all breaches" (MOAB).
By Ihar Kliashchou Edited by Micah Zimmerman
Key Takeaways
- This 12-terabyte behemoth will send shockwaves through the business community, posing a continual threat to personal information and corporate security.
- Business leaders must move to a proactive stance.
Opinions expressed by Entrepreneur contributors are their own.
At the beginning of the year, Security Discovery and Cybernews researchers uncovered a dataset of 26 billion(!) leaked entries associated with LinkedIn, Twitter.com, Tencent, Dropbox, Adobe, Canva, Telegram and other platforms. Government agencies in the U.S., Brazil, Germany, the Philippines, and Turkey are also among the organizations hit by the "mother of all breaches" (MOAB).
As the investigation team reported, a significant share of information in the dataset was compromised during past data breaches. However, the stash also contains new data.
Aftermath for businesses
Simply put, this 12-terabyte behemoth will send shockwaves through the business community, posing a continual threat to personal information and corporate security.
But this is not just a breach; it's a comprehensive toolkit for threat actors to orchestrate an endless number of cyberattacks, including identity theft. Criminals can maliciously exploit the stolen personal data from the MOAB dataset. It is a powerful weapon capable of wreaking havoc on a global scale.
So, in the coming weeks, it's time to move to a proactive stance. Here are some signals businesses should listen to when monitoring their infrastructure:
- Uncommon access scenarios. In light of a data breach like this, keeping a close eye on access logs for any unusual activity is critical. A sudden surge in requests or unfamiliar IP addresses could indicate unauthorized entry. Logins during non-standard hours, especially outside of ordinary business hours, may be considered malicious activity as well.
- Suspicious account activity. In an attempt to take over the compromised account, scammers may reveal themselves through unexpected adjustments in user privileges or alterations to account roles. Frequent changes in login locations, irregular login times, and spikes in data access are also red flags.
- Surge in phishing attempts. Massive breaches often provide fertile ground for cybercriminals to launch phishing attacks targeting employees or customers related to affected brands. Unscheduled phishing training or educational campaigns may help your staff and clients recognize phishing scams at early stages.
- Abnormal network traffic. Other signs of malicious activity are unexplained spikes in outbound traffic and unusual communication patterns between internal systems.
- Boost in helpdesk requests. A growing volume of user requests to the support team can also indicate a problem, especially when there is a sudden surge in inquiries related to compromised accounts or suspicious activities.
- Customer feedback. An influx of complaints about unauthorized access, account compromises, or suspicious transactions should trigger an immediate investigation.
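The access-log signals in the first two items (logins outside business hours, a successful login from an IP address the account has not used before, and a surge of failed logins from one address) can be checked mechanically. The Python below is an added example, not part of the original article; the log format, the business-hours window, the threshold and the rule names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample auth events: timestamp, user, source IP, result.
SAMPLE_LOG = """\
2024-02-05T09:14:02 alice 203.0.113.10 success
2024-02-05T10:02:40 bob 203.0.113.22 success
2024-02-06T09:20:11 alice 203.0.113.10 success
2024-02-07T03:12:05 alice 198.51.100.7 success
2024-02-07T03:15:00 carol 198.51.100.9 failure
2024-02-07T03:15:01 dave 198.51.100.9 failure
2024-02-07T03:15:02 erin 198.51.100.9 failure
2024-02-07T03:15:03 frank 198.51.100.9 failure
2024-02-07T03:15:04 grace 198.51.100.9 failure
2024-02-07T11:30:00 bob 203.0.113.22 success
"""

BUSINESS_HOURS = range(8, 19)  # assumption: 08:00-18:59 counts as normal
SURGE_THRESHOLD = 5            # assumption: distinct accounts failing from one IP

def parse(log):
    for line in log.strip().splitlines():
        ts, user, ip, result = line.split()
        yield datetime.fromisoformat(ts), user, ip, result

def detect(log):
    """Return (rule, subject, detail) alerts for the access-log signals."""
    alerts = []
    known_ips = defaultdict(set)     # user -> IPs seen on earlier successful logins
    failed_users = defaultdict(set)  # ip -> accounts that failed to log in from it
    flagged = set()                  # IPs already reported, to avoid repeat alerts
    for ts, user, ip, result in parse(log):
        if result == "success":
            if ts.hour not in BUSINESS_HOURS:
                alerts.append(("off_hours_login", user, ts.isoformat()))
            if known_ips[user] and ip not in known_ips[user]:
                alerts.append(("unfamiliar_ip", user, ip))
            known_ips[user].add(ip)
        else:
            failed_users[ip].add(user)
            if len(failed_users[ip]) >= SURGE_THRESHOLD and ip not in flagged:
                flagged.add(ip)
                alerts.append(("failed_login_surge", ip, str(len(failed_users[ip]))))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

An account's first recorded login only seeds its baseline and is never flagged as unfamiliar, so the check needs some history before it produces useful alerts.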
A new security paradigm
Unfortunately, the MOAB is just a single event in the never-ending war between cybercriminals and corporations. In an age of the constant growth of security threats, companies must develop a refined sense of foresight. Recognizing patterns and anomalies within their data is not just a skill; it's a necessity. The MOAB underscores the importance of proactive monitoring, urging companies to invest in robust systems that swiftly detect irregularities.
Importantly, entering this new reality means that user security is again becoming more crucial than user experience. Some companies have a hard time accepting that fact. However, in the long run, it's worth the gamble.
It doesn't imply building a kind of imposing wall with menacing guards around your infrastructure that makes users avoid your service. The security measures you deploy can be easy to use for customers. The latest identity verification options — such as self-check-in at airports — prove the concept while staying user-friendly and secure.
Guide to the transformation
Effective information security management powered by global standards such as ISO/IEC 27001 and ISO/IEC 27002 is at the core of the process. By adhering to the standards, an organization guarantees that it has established an Information Security Management System for addressing security risks associated with data owned or managed by the company. Although certification is often associated with enterprise-level organizations, mid-sized companies, especially those in industries where data safety matters, such as FinTech, should not skip this step. Moreover, unlike ISO 27001, ISO 27002 does not require certification to prove compliance; being more informative than regulatory, it details the controls required.
Enhancing authentication policies may be the next step to take. Unfortunately, you can't rely on your customers to be prudent while setting logins and passwords. Nevertheless, nudging them to select more advanced options is under your control.
More companies across different sectors now implement multi-factor authentication involving users' biometrics like fingerprint scans or face recognition. With the idea of a passwordless future pushed by tech giants like Google, this approach is gradually becoming an industry best practice. On the one hand, setting a "Privacy Screen" to secure Google Drive on iOS mobile devices through Touch ID or Face ID requires additional action on the user's end. On the other, once the feature is enabled, user satisfaction soars as well.
Finally, the adoption of liveness detection technology — both for IDs and selfies — in identity verification procedures is crucial. It helps determine whether the source of a biometric sample is a live individual, and provides evidence that a user-submitted document photo is a genuine passport or other document. Additionally, this step can be made mandatory, not only during registration for a service but also at the purchase stage. Neural networks under the hood of the liveness detection process are constantly improving, showing high accuracy rates. That also contributes to data processing speed, making it possible to perform a liveness check in seconds.
Final thoughts
The MOAB incident serves as a call to action for businesses worldwide. Unfortunately, the brand names on the MOAB list prove that there is room for improvement for all companies, including enterprise-level ones. It's more critical than ever to bolster defenses, sharpen our cyber instincts, and fortify our systems against the impending storm.
Still, there is no need to turn the sign-in or payment processes into a math quiz with a bunch of problems to be solved on the customer's part. UX still matters, especially for companies from B2C sectors whose success is measured by the number of active users. For this reason, a mobile banking app is always more secure than an e-book subscription service.