.jpg){kind=avatar}
2018 will certainly be the year of the GDPR, the new European privacy legislation. Reporting a data breach is now compulsory and it shows. A small retrospect for 2018.
Increasing numbers
Not all leaks are reported consistently, but there is a significant increase. This was reported by the Data Protection Authority (the former Privacy Commission). In just six months there have been 317 reports of a data breach in our country, compared to 13 in 2017.
The European figures are even more impressive. Andrea Jelinek, the chairman of the European Data Protection Board (EDPB), said that 18,000 data leaks had already been reported since the law came into effect.
Where are the leaks
Research by the Data Protection Authority shows that there are particularly many leaks in the health sector. Other vulnerable sectors are telecom, insurance and also large internet companies do not always closely follow the rules. As you'll see Google and Facebook also appear in our overview of the most noticeable leaks.
Most notable data leaks from 2018
In our country
- Data breach attracts 64,000 visitors to Tomorrowland
- Fines for Uber after data breach, 100,000 Belgians are victims
- Data breach at the city of Antwerp, impacted 3,000 people
- Data breach at TicketMaster
- Hackers steal data from 15,000 Orange customers
- 61,000 Belgians victim of hack at Facebook
Around the world
- End of Google + after data breach at 500,000 people
- 860,000 passport numbers and 245,000 identity cards leaked at Cathay Pacific
- Huge data breach at hotel chain Marriott stole 500,000,000 customer data
- Heatmap from Strava app releases identity and locations of military personnel
- Large data leak on personality tests on Facebook discovered by Inti De Ceuckelaire
Conclusion
The examples above are undoubtedly just the tip of the iceberg. Data breaches can not be prevented by the classic Anti-Virus solutions, let alone by legacy Anti-Virus systems. The simple reason is that the breaches often come from internal people who misuse their usage rights to steal data.
Although it is largely correct that internal threats can not be prevented with 100% certainty, companies can set up effective scanning systems for their "IT assets & resources" to ensure that all anomalies are detected as early as possible. Detecting early indicators can drastically reduce the impact of a data breach & block the attack even in real-time.
That is why it is important to work with an Endpoint Protection solution such as Sentinel One, to monitor the internal resources with "SentinelOne Watchlists", Manage user rights of the end users and, for example, the number of insider-related threats to a minimum.
