Every day there is news about cyber attacks on public organizations or companies where cybercriminals typically look for steal information to be able to blackmail companies or even block their computers to demand a ransom to free them.
The cybersecurity It was born as a need to safeguard information, for which we find cybersecurity experts. If you want to be one of them, you can train with the Master in Cybersecurity, Ethical Hacking and Offensive Security in EIP.
Well then, We call data leaks Data Leaks (hence its name) restricted access by unauthorized parties to this data. The danger exists if these data or “Leaks” as they are also called, are exposed and published.
Normally, this data theft usually originates from a web or email attack, but sometimes it can occur through portable storage devices, such as hard drives, USBs or electronic devices such as laptops, tablets or mobile phones.
Types of Data Leaks
Accidentally
Not every data leak comes from a cyber attack, luckily, most data leaks that are produced in companies are accidental.
For example, him sending a letter or email to the wrong recipient whose content is confidential data.
Disgruntled or ill-intentioned employee
Also called “data leak”, consists as we can imagine in the theft of data by a own employee of the company.
It may be the case that the cybercriminals promise a payment to an unreliable employee for the theft of data or this person simply wants to damage the company's image by making confidential data public.
Theft can be as simple as take a photo with your mobile, export data to a pendrive or even the theft of documentation for their evil purposes.
Phishing attack
Unfortunately these types of attacks are the order of the day, they have a very large success rate in data leak and it grows more every day, possibly because they depend on the human factor as vulnerability.
We already talked to you last week about the stroke phishing where they impersonated the Tax Agency by referring you to a website to ask for your bank details, but sometimes we can find malware files which when installed in our system can cause leakage of confidential data.
As an example, on January 11 of this year, a Chinese social media management company, Socialarks, suffered a Data Leaks due to an unsecured database that exposed the account details and personally identifiable information of at least 214 million users of social networks Facebook, Instagram and LinkedIn.
The information exposed for each social network varies, but includes usernames, phone numbers, email addresses, profile images and descriptions, and even location, among others.