How to prevent data breaches

By Kaushik Patil
Boston Univerisity News Service

What is a data breach?

A data breach arises when a person or entity has unauthorized access to the data of another person or entity. Access to personal information, including credit card numbers, social security numbers, bank account passwords, family photos, and corporate trade secrets, can have terrible consequences. Several assessments and research have looked at leaked data, which amounts to billions of dollars in information stolen from data breaches. The cost of these breaches can range from $100 for a single person’s payment card number to millions for a massive corporation with millions of consumers and employees. This figure has been steadily increasing.

Types of data breaches

1. Phishing attack

Cybercriminals seek unlawful access and personal information to harm organizations and people with ransomware. They frequently launch phishing attacks to deceive staff and users into clicking on a falsified link or downloading dangerous files.

Along with the links and attachments, they frequently pose as someone respectable and authentic and ask you for information or credentials.

2. Breach of password

Data breaches are caused by lost, stolen, or guessed passwords. Even though there have been several violations in the past, many people continue to use weak passwords such as John12345!, Alice1998, 12345678, password123, etc. In comparison, a company’s lack of a password management system is significant.

3. SQL injection and web application vulnerabilities

SQL injection is a problem among the data breach kinds discussed above. SQL injection occurs when an attacker manipulates a web application’s back-end database with a malicious SQL statement to access database information. Depending on the attacker’s aim and access, the attacker can modify the database content, damage the system, or move laterally to access additional information on the server, design, or network.

Some tips to stay safe from data breaches

1. VPN

Because university-related information must be kept safe, utilize a Virtual Private Network (VPN) whenever you use your university’s email, server, or website. This ensures data is kept private and safe. Give detailed instructions on how to connect and use the VPN.

VPNs you can use:

1. NordVPN 
2. Surfshark
3. IPVanish
4. Atlas VPN 
5. PureVPN 

2. Connecting to unsecured networks

Logging in to unsecured networks, such as those supplied by coffee shops or in public locations can be risky. Viewing university-related content using a shared internet connection is not advisable. You should not communicate sensitive information over an internet connection that other people may see.

3. Backup

Backups of devices should be kept to a minimum. Backing up your phone or computer creates a new version of its data. While backups are helpful occasionally, each increases the quantity of data that must be secured.

4. Unique password generator

Make your passwords unique and strong. Ensure that your university-related passwords include letters, numbers, and strange characters. It is advisable to utilize both lowercase and uppercase letters. If you use the same password for many accounts, it’s time to change it. To store all your password in one place, you can use password managers such as 1Password. 

5. Unknown Links

Clicking on dodgy links or downloading files from unknown sources is not recommended. Hackers and scammers frequently use phishing emails that resemble the messaging of actual firms and the types of campaigns you are inclined to open. If you have any suspicions about an email containing an external link or attachment, double-check the sender before clicking or downloading.

Bonus Tips:

1. Unroll.Me 

Unsubscribe with one click. Unroll.Me will show you a list of your subscription emails, so you can instantly unsubscribe from what you don’t want.

2. Have I Been Pwned?

Have I Been Pwned? is it a website that allows users to determine whether their personal information has been compromised due to data breaches? You may check whether your email address has been compromised in any data breach.

Data breaches have occurred in the past and will happen in the future. There is no one-time cure for a data breach. Still, a specific dose of security assessments and controls can assist you in protecting your firm against a data breach.