Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 28 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

198 Million US Voter Records Leaked

by The Gurus
June 23, 2017
in Editor's News
data breach
Share on FacebookShare on Twitter

Earlier this week, it was reported that 198 MILLION US voter records were leaked on a public Amazon S3 storage server owned by a Republican data analytics firm, Deep Root Analytics. This is reportedly the biggest leak of its kind in history.
Various databases were found on the server, containing personal information of American citizens, including their name, date of birth, home address, phone number, and voter registration details- which shows their own voting preference. Deep Root Analytics, a republican data analytics firm, uses various data sets to help their political partners target potential voters, by analyzing big data, and was used in the 2016 presidential campaign.
They have since spoken out to take responsibility for the leak, whilst acknowledging they have no reason to believe their security systems were compromised.
Terry Ray, chief product strategist at Imperva, gave some insight on the breach;
“This was less a leak, but was rather an identified exposed server. From the information provided, the data is not known to have been stolen necessarily.  It sounds to me that this is another case of incorrectly secured cloud based systems. Certainly, security of private data – especially my data, as I am a voter – should be of paramount concern to companies who offer to collect such data, but that security concern should ratchet up a few marks when the data storage transitions to the cloud, where poor data repository security may not have the type of secondary data centre controls of an in-house, non-cloud data repository.
With more data being collected by companies than ever before, securing it is no small task. There are many factors that need to be taken into consideration. Are the environment and the data vulnerable to cyber threats? Who has access to the data? And there’s also the issue of compliance. Big data deployments are subject to the same compliance mandates and require the same protection against breaches as traditional databases and their associated applications and infrastructure.
He added-
“Much of the challenge of securing big data is the nature of the data itself. Enormous volumes of data require security solutions built to handle them. This means incredibly scalable solutions that are, at a minimum, an order of magnitude beyond that for traditional data environments. Additionally, these security solutions must be able to keep up with big data speeds. The multiplicity of big data environments is what makes big data difficult to secure, not necessarily the associated infrastructure and technology. There is no single logical point of entry or resource to guard, but many different ones, each with an independent lifecycle.”
Andrew Clarke, EMEA director at One Identity gave some pointers on how best to avoid this type of data breach in the future;

  • “Always ensure that only the right people can access data
  • Empower the owners of the data to easily put the proper access controls in place
  • Don’t assume that just because it is password it is safe (use multifactor and role-based access controls)
  • Slow down and make sure that governance is in place, especially for data stored in the cloud this means: The owners of the data decide what is right (not IT); making it easy for someone that is right for the data to get to the data; run periodic attestations to validate that all of the people with permission to access the data actually should have that permission”

He adds- “Once a “security first” and “Identity is the new perimeter” attitude is adopted, incidents will be dramatically reduced”.
 

FacebookTweetLinkedIn
Tags: Amazon S3cybersecuritydata breachDeep Root AnalyticselectionLeakUSA
ShareTweet
Previous Post

Westfield CIO: Data And Personalisation Are Key To Shopping Centre Survival

Next Post

Parliament cyber-attack 'hit up to 90 users'

Recent News

software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023
ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information