Connect with us

Hi, what are you looking for?

Tech & Science

Unsecured server triggers Ticketcounter data breach (Includes interview)

Representation of data at the Design Museum. By Tim Sandle
Representation of data at the Design Museum. By Tim Sandle

The hacker proceeded to publish the personal data for free on a hacker forum. The exposed information would appear to include full names, email addresses, phone numbers, IP addresses, and hashed passwords, as Bleeping Computer reports. This is the type of data collated for each purchaser of tickets.

Looking at the issue from a cybersecurity perspective is Anurag Kahol, who is the CTO and co-founder of Bitglass.

Kahol sees the issue as opening up a continuing cybersecurity issue – a lack of having basic security measures in place. He states: “Leaving a database vulnerable poses a major threat to data security. Plus, data subject wellbeing, regulatory compliance, and brand reputation are also affected. It does not take much effort for outsiders to find unsecured databases and then to access sensitive information. Personal data is precious, and it is imperative that the proper controls are in place to secure it.”

There are solutions readily available fort businesses, says Kahol: “There are now tools designed to detect misconfigurations within IT assets like ElasticSearch databases. Abusing misconfigurations has grown in popularity as an attack vector across all industries.”

It is important not to forget the consequences of such security weaknesses in terms of data control, says Kahol. By this he means: “Even companies with limited IT resources must take full responsibility for securing user data – there is no excuse for negligent security practices such as leaving databases exposed.”

For remediation activities Kahol recommends: “As such, companies must turn to flexible, cost-effective solutions that can prevent data leakage; for example, cloud access security brokers that boast features like cloud security posture management, data loss prevention, user and entity behaviour analytics and encryption of data at rest. With these types of capabilities an enterprise can be certain that its data is truly safe.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

Calling for urgent action is the international medical humanitarian organization Doctors Without Borders/Médecins Sans Frontières (MSF)

World

Immigration is a symptom of a much deeper worldwide problem.

Business

Saudi Aramco President & CEO Amin Nasser speaks during the CERAWeek oil summit in Houston, Texas - Copyright AFP Mark FelixPointing to the still...

Business

A recent article in the Wall Street Journal infers that some workers might be falling out of the job market altogether.