Information technology and the internet have become our daily lifestyle. As time goes by, plus the acceleration of IT use due to COVID-19, digitalization is increasingly massive and has penetrated various levels of society.
Data digitization certainly brings many benefits. For example, storage space is more efficient and optimal, data is safer from various forms of disasters, remote collaboration is easier and faster, costs are more efficient because there is no need to print documents or store cabinets, and stored files are more stable and can be improved in quality (for example, images can be increased in resolution, etc.).
On the other hand, data digitization also poses a risk of data leakage. This is especially true for data stored in the cloud. Hackers can enter systems and storage places in the cloud to steal data. Cybercriminals, with various methods that are always updated, snoop on access to data containing sensitive information. Then, ask for ransom money to data owners whose data is being held hostage, or sell the data to the black market to be used by others with malicious purposes (stealing identities, carrying out cyber attacks, and other criminal acts).
To find out how big the impact of data leaks is, let’s take a look at some of the data leak cases that have shocked the world below!
Data leak case of 540 million Facebook user data
In 2019, Facebook reported a data breach case. The data breach occurred because Facebook was unable to protect the large amount of information it collected. Two service databases on Amazon’s S3 cloud were publicly accessible. One database belonged to a Mexican media company, Cultura Colectiva, and the other to Facebook’s integrated app, At the Pool.
The data from the Cultura Colectiva breach consists of more than 540 million cases that reveal likes, comments, reactions, account names, and Facebook IDs. At The Pool’s database contained less but more detailed user data such as what Facebook users like, photos, books, movies, music, friends, groups, events, interests, check-ins, and 22,000 unencrypted passwords.
The consequence of this security breach is that the data is publicly available for download. Then, people can use that data to try to hack in the future using social engineering attacks.
The case of the leak of personal information of 198 million voters in the United States
The personal and political information of 198 million voters in the United States was leaked in June 2017. The information was collected by the Republican National Committee during Trump’s 2016 election campaign. The database contains name, gender, date of birth, surname, ethnicity, religion, home address, email, phone number, registered party affiliation, racial demographics, voter registration status and other personal identifiers. Data from three data analytics companies – Deep Root Analytics, TargetPoint Consulting and Data Trust – was left unprotected in cloud storage.
The case of 400 million Twitter account data sold during Christmas 2022
A hacker reported that 400 million Twitter accounts were affected by a data breach. Hackers obtained the emails and phone numbers of 400 million Twitter account users. The exposed data was sold on the deep web. The hackers claimed the data information was important and contained email addresses and phone numbers of famous people, government employees, business people, and ordinary users. Not only that, the data also contains usernames, the number of followers, and the date the account was created.
The leaked data contains information from various sources such as WHO, SpaceX, CBS Media, NBA, NASA’s JWST, and famous figures such as Donald Trump Jr., Doja Cat, Charlie Puth, and Shawn Mendes.
Hackers are blackmailing Elon Musk to buy the data or face GDPR lawsuits for Twitter’s failure to protect its users’ data. The hacker indicated that he was willing to negotiate the “deal” through a middleman.
These are some examples of data leakage cases that have taken the world by storm. Remember to always apply the principles of safe use of IT devices and surfing in cyberspace. This can increase security against possible data leaks.
