Connect with us

Hi, what are you looking for?

Tech & Science

Online music marketplace Reverb suffers data loss (Includes interview)

A vintage 1974 Martin D28 Acoustic Guitar - Alex Allen
A vintage 1974 Martin D28 Acoustic Guitar - Alex Allen

Reverb were using an Elasticsearch server, and the issue was detected by security researcher Bob Diachenko. The data contained on the server consisted of 5.6 million records, including customer names, emails, addresses, listing/order information, and phone numbers. Each of these represented an item of personal information. Following the incident, the database was secured. However, it remains unknown for exactly how long the database was exposed for, according to Bleeping Computer magazine.

Looking into the incident is Anurag Kahol, who is the CTO and co-founder of Bitglass.

Kahol outlines to Digital Journal what the database exposure meant, in terms of its impact: “In this breach of more than 5.6 million records, individuals’ names, email addresses, phone numbers, and addresses were among the compromised information.”

This carries consequences, for while the amount of time the database was exposed is currently unknown, there was plenty of opportunity for “a malicious actor to have easily obtained access and leveraged the data for highly targeted phishing attacks.”

The data in the hands of the hacker is problematic, as Kahol explains: “Unfortunately, with this data in the wrong hands, victims’ physical safety could also be at risk. This further validates the need for complete visibility and control over all data across the IT ecosystem–including that which is stored in the cloud.”

There are different strategies that companies should be enacting in order to boost protection. Kahol summarizes these as: “To mitigate the risk of unauthorized access to sensitive data, organizations must adopt robust, flexible, and proactive cybersecurity platforms.”

Examples supplied by Kahol include: Data loss prevention (DLP), multi-factor authentication (MFA), user and entity behavior analytics (UEBA). To add to these, there is cloud security and posture management (CSPM) capabilities.

Kahol explains that “these technologies can give organizations visibility and control over customer information and guarantee it is truly secure.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

The Cold War-era submarine has become a symbol of Albania's tumultuous communist past - Copyright Russian Defence Ministry/AFP HandoutBriseida MEMARetired sergeant Neim Shehaj spends...

Tech & Science

An illustration provided by NASA of the Mars InSight lander.Lucie AUBOURGAfter some four years probing Mars’ interior, NASA’s InSight lander will likely retire this...

World

The IMF approved a $6 billion bailout for Pakistan in 2019, but payment tranches have been stalled over the pace of economic reforms -...