Skip to main content
Articles

What does a Data Leak Actually Look Like?

By CybelAngel Tue Aug 3, 2021
AWS S3 Data Leaks

What does a Data Leak Actually Look Like? Three examples from a CybelAngel cyber analyst.

Every data leak is like a snowflake, unique and special. But that doesn’t mean we can’t categorize them. Three common types of data leaks are the “Oops Exposed Database,” the “Third Party,” and the “Forgotten One.” Let’s take a look at each of these, to appreciate what makes them unique:

The “Oops! Exposed Database”: CVS March 2021

We tend to have an idea that data breaches result from hackers in a hoodie sitting in a dark room surrounded by the whir of computer fans. While that stereotype exists for a reason, the reality is that many breaches are caused by leaving the door to data open.

Human negligence is responsible for as much as 30% of data breach incidents. An example of these “oops” is the CVS breach of March 2021. CVS created an online customer database of one billion records but they did not password protect it. Luckily, this exposed database was found quickly and taken down in a day.

The “Third Party”: Prison Blueprints

Another opportunity for data leaks can be found among third parties, such as print shops. Many print vendors use open FTP servers for clients to easily upload files to be printed, shared, or used. The tradeoff to this convenience is that these servers are open.

A CybelAngel client, an architecture firm, shared confidential prison blueprints with a specialty printer as part of the construction process. Unfortunately, these blueprints were visible to any who wanted to view them. The vendor was unaware of their FTP server’s open status. Luckily our analyst team found both the server and blueprints quickly and secured them both. You can read more about it here.

The “Forgotten Ones”: Marketing Data Left Behind

Companies often struggle to maintain an accurate inventory of their databases and the critical data objects contained within them. Forgotten databases may contain sensitive information, and new databases can emerge without visibility to the security team. The sensitive data in these databases will be exposed to threats if the required controls and permissions are not implemented.

A CybelAngel client, an e-commerce company, hired a vendor to implement a new rewards program. As part of the implementation, a new database was created, and the old database was set to be retired. Unfortunately, the old database was left unsecured during the transfer and forgotten. This database contained credit card information, credentials, and more. Luckily for our client, the CybelAngel analyst team has their back. We located the forgotten database before it was exposed and were able to resecure it. You can read more about that here.

Is that all?

These three types of data leaks are not mutually exclusive. In many cases, a data leak will combine two, three, or more categories. What’s essential in each is that case awareness of the data leak is instrumental in preventing a data breach. CybelAngel Data Breach Prevention is a vital digital risk protection tool that gives companies visibility into data leaks before becoming costly breaches.