VoterVoice is designed to connect lobbying firms and campaign groups to alert interested individuals about hot-topic issues. According to TechCrunch, the organization left a server exposed that contained over 300,000 unique email addresses, home addresses, phone numbers and other personal information that could indicate political persuasions and religious beliefs.
The server was discovered by an ethical security researcher called John Wethington; however, the server was exposed for an unknown amount of time meaning that an individual with nefarious intentions could have found it first. In terms of the implications, two cybersecurity experts discuss with Digital Journal what the implications of the data breach mean for those affected and for organizations in general.
Why the data breach occurred?
Describing what has happened Brian Johnson, CEO and co-founder, DivvyCloud, explains: “In VoterVoice’s case, the infrastructure was exposed for an unknown amount of time meaning that nefarious individuals could have already accessed sensitive information without anyone knowing. Being compromised is bad enough, but being compromised and not knowing it is much worse. All companies should have security tools and plans in place to proactively avoid any data leaks.”
“In terms of what actions should be taken, Johnson states: “Organizations must be diligent in ensuring the consumer data they are entrusted with is protected with proper security controls. Organizations need to focus on internal operations. Databases, storage containers, search engines, and other cloud data repositories are often incorrectly configured. For example, the container permissions may be too broad, allowing anyone to access the data. Containers may have been serviced by people who aren’t familiar with cloud security.”
Why this happens?
And in terms of how things can go wrong, Johnson says: “These misconfigurations are often the result of something as simple as a developer that was unaware of how to properly secure the cloud service, or a simple oversight. For example, a developer may have tweaked a storage container configuration as part of troubleshooting, leaving it open to the public.
Once the application began working again, they moved on to another project completely forgetting about the exposed storage container. There are dozens of situations that may result in changes to a container’s configurations. Organizations are often made vulnerable because they don’t have processes in place to prevent or manage insecure software configurations and deployments.”
Cloud Ops solution
As for the future state, Johnson advises: “That is why companies must invest in cloud operations (CloudOps). CloudOps is the combination of people, processes, and tools that allow for organizations to consistently manage and govern cloud services at scale. Key to this is hiring and developing the right people, identifying processes that address the unique operational challenges of cloud services, and the automation of these processes with the right tools. Automated cloud security solutions give organizations the ability to detect misconfigurations and alert the appropriate personnel to correct the issue, or even trigger automated remediation in real-time.”
Identity and access management
Preventive measures are also discussed by Rich Campagna, CMO, Bitglass, who tells Digital Journal: “To prevent unauthorized access to consumer data, organizations must adopt robust, flexible, and proactive cybersecurity platforms that include identity and access management capabilities. This functionality allows organizations to verify users’ identities, detect potential intrusions, and enforce step-up, multi-factor authentication in real time.”
A need to work with the government
Collaboration is an important factor in prevention, according to Ruchika Mishra, director of products and solutions, Balbix, who informs: “Organizations that interact closely with elected government officials need to take a much more stringent approach to security. Leveraging security tools that use artificial intelligence to continuously monitor for vulnerabilities and misconfigurations, so these issues can be identified and remediated in real-time, is a must. Giving voters an outlet to communicate with elected officials is great in theory, but only if that communication is kept secure and the public has trust in both the platform and process.”