SJUK caught up with to Christian Scott, COO and CISO, Gotham Security, an Abacus Group Company about one of the world’s largest data leaks, spanning over 26 billion records.

SJUK: Which companies were affected by this leak, when was the leak discovered and who first discovered the leak?

Christian Scott (CS): “The leak reportedly spans 26 billion records, so as you might imagine, many companies and indeed people, are impacted. The brands listed as compromised include LinkedIn, Adobe, Dropbox and MySpace.

The breach was discovered by Bob Dyachenko, a cybersecurity researcher and owner of SecurityDisocvery.com, along with the Cybernews team and whilst it’s not been made clear when they first discovered the issue, it was made public on January 22^nd.

The companies impacted in this leak now risk significant and far-reaching implications, including financial implications and potentially regulatory fines, as well as significant reputational damage.

All businesses are trusted by their partners and customers to keep their data safe, and once that trust has been compromised, it’s incredibly difficult to win it back.

SKUK: What has happened?

CS: While significant in size, the breach follows a pattern of malicious actors aggregating leaked credentials of several unrelated data breaches together into one database like COMB in 2021.

Malicious actors are able to leverage these breached credentials at scale to conduct credential-stuffing attacks against other services and company accounts in an attempt to gain access to additional systems via reused passwords.

Furthermore, this information allows malicious actors to infer commonly used passwords by staff at an organisation to perform curated password spraying attacks.

SJUK: What are the implications?

CS: The companies impacted in this leak risk significant and far-reaching consequences, including financial implications and potentially regulatory fines, as well as significant reputational damage.

All businesses are trusted by their partners and customers to keep their data safe and once that trust has been compromised, it’s incredibly difficult to win it back.

SKUK: What should organisations and staff do to avoid similar issues?

CS: This underscores the importance for staff not to leverage reuse passwords, employ long passphrases, change compromised passwords and implement multi-factor authentication (MFA) in as many places as possible.

For organisations that do not yet have a robust corporate password management solution in place with automatic credential breach/leaking monitoring, you can utilise HaveIBeenPwned’s free domain search tool which has been a staple in the security research community.

Additionally, organisations shouldn’t consider multi-factor authentication as a fool-proof strategy for preventing staff from being compromised.

It’s important to implement features like Impossible Travel Detection, Device-based Conditional Access Policies and Additional Login Context With Reverse Number Matching on MFA push notifications within Microsoft Entra (Azure AD) and Intune.

Lastly, staff should consider their personal security posture as well to protect themselves and their families.

Attacking individuals to get a foothold into a greater organisation is a standard technique employed by malicious actors, which is why we offer Privacy Data Sanitisation services to proactively protect our customers.”

More Security News