Bulgaria, an East European country, has suffered from the biggest data breach in its history that has resulted in the compromise of the personal as well as financial information of 5 million adult citizens out of the total population of 7 million people.
An unknown hacker who apparently is Russian, emailed the local Bulgarian media with downloadable links worth 11GB of stolen data that included information of taxpayer’s personal identifiable numbers, addresses as well as their financial data. The Russian hacker has only released 57 of the total 110 compromised databases which is worth 21GB in size. According to the National Revenue Agency of Bulgaria, the stolen data belongs to the country’s tax reporting service. Bulgaria’s NRA tax agency is facing a fine that is equivalent to 4% of the agency’s annual turnover.
What is the motive behind data breach attacks?
With the valuable information in hand, attackers can leverage this sensitive and confidential information for:
Financial gains: Attacker can further sell this information to third parties or competitors of the organization. On an average, it costs an organization $3.86 million for a single data breach.
Loss of information: In cases of such data breach, not only the organization will suffer from financial loss but also, will suffer from the loss of its most valuable resource. In a recent case of data breach, personal information of approximately 900,000 banking customers of three major Russian banks was leaked online. The data included customer names, their phone numbers, addresses, credit limit, passport details, workplace, year of birth, account balance etc.
Reputational damage: For any organization, the most dreaded repercussion is the harm to its reputation. Ultimately, customers start losing their faith in the organization and eventually, there is a downfall in organization’s customer base.
How can we prevent such data breach attacks?
- Do not assign administrative access to users without requirement and use administrator accounts only when needed.
- Organizations should invest in advanced security tools as well as technologies such as data-centric audit and protection that leverage analytics and has a positive return on investment for the organization.
- With ThreatCop, organizations can provide proper cyber security awareness and training to the employees allowing them to learn about different type of cyber-attacks that can otherwise steal an organization’s data for accessing corporate networks and accounts.
- Kratikal is one of the leading cyber security companies, that provides state-of-the-art cyber security products and services including managed security services such as network penetration testing, server penetration testing, VAPT etc. Managed services help in securing the cyber infrastructure of the organization against cyber-attacks.