A data breach can wreak financial and logistical havoc for companies who experience them, not to mention customers, employees, and others who depend on or work with the breached organization. And even though it seems like data breaches are becoming more pervasive, they continue to severely impact organizations’ carefully built reputations – and may send existing and potential customers running to a competitor.
Admitting mid-May to a data breach, EasyJet became yet another victim of lax data security as they confirmed that nine million customers’ personal data was compromised, including travel plans, email addresses, and credit card details of more than 2,000 customers. Nine million EasyJet customers must now increase their vigilance against phishing attempts, and thousands have to more closely monitor their financial information.
Lessons in Personal Data Security Breach
Airlines have always been hacking targets; previous data breach examples include the British Airways breach in 2018, which resulted in a hefty fine. While this incident should have been the canary in the coal mine for the aviation industry – among others – it’s clear that organizations need to step up their cybersecurity programs. To make matters worse, hackers have only honed their attack strategies during the COVID-19 pandemic.
Although EasyJet has not yet revealed how the breach occurred, investigation into the incident “suggested hackers were targeting ‘company intellectual property’ rather than information that could be used in identity theft,” according to a BBC article that broke the news.
Related Reading: Three Lessons Learned From a Data Breach
Like miners tapping into a new vein of gold, hackers flock to the slightest gap in security to extract as much data as possible. As the EasyJet data breach demonstrates, while sensitive company information may be the target, other valuables like personal data or credit card information can get caught in the crosshairs, especially if they’re easy pickings.
Avoid Becoming the Next Data Breach Example
As the ICO correctly stated following the EasyJet breach, “people have the right to expect that organizations will handle their personal information securely and responsibly.” That fundamental expectation can – and should – influence your organization’s day-to-day security practices.
The reason for EasyJet’s data breach has not yet been revealed, but there are key steps all organizations can take to reduce the risk of data security breaches. First, re-evaluate your cybersecurity program, and ensure your people, tech, and processes are set up to withstand potential attacks. If not, consider new methods – whether that’s employee education, new software, or tweaks to existing cybersecurity policies.
Related Reading: 10 Cybersecurity Tips and Best Practices
How Fortra Can Help You Mitigate Your Risk
Fortra’ security solutions can help you find, close, and avoid the gaps in your current cybersecurity plan. Whether you want to put your strategy to the test, amp up encryption, or inspect data movements more closely, Fortra has a solution for you:
Test Your Defenses
First, understand your vulnerabilities. With Core Security, you can take a comprehensive and predictive approach to your data security. Penetration (pen) testing helps you identify risks and cracks in your organization’s cybersecurity defenses, whether through third-party services or pen testing software that gives security teams the power to easily conduct advanced testing in a secure platform.
Monitor Your Network Traffic for Malicious Activity
Recent surges in remote work have increased the connections into many organizations’ networks, opening new doors for all types of attacks. Whether employees are deliberately opening connections with a secure work laptop or inadvertently with insecure connections and devices, make sure you know what traffic into and out of your network looks like. Monitor your network traffic to discover malicious activity and quickly and confidently identify infected devices in your network. This helps ensure you can take swift action the moment something out of the ordinary is discovered.
Manage Your Data
Ensure your data is secure and that your organization takes precautions while both transferring and storing data. GoAnywhere Managed File Transfer allows for secure file transfer that reduces the risk of human error by giving you both the ability to automate data movement and monitor and track all user access.
Minimize the Cyber Threat
Sharing information via email or the web includes inherent risks, like exposing the wrong content or opening your system to cyber threats such as malware or phishing. Clearswift offers data security solutions to protect against incoming threats, neutralizing links and removing active code in real time before any damage is caused.
Secure Your Information
Keep your sensitive information secure. We offer award-winning data loss prevention (DLP) solutions for email, web, and endpoints. PII data such as credit card details are automatically redacted (masked) to ensure that sensitive data stays in the right hands and is compliant with GDPR.
As a bonus, you can easily pair our threat protection and data loss prevention solutions with GoAnywhere MFT to further elevate your cybersecurity stance. Using our Secure ICAP Gateway, easily automate the detection and cleansing of information subject to the GDPR when exchanging files containing PII to both reduce the risk of human error and allow your organization to remain in control of the information it shares. Know what data is moving where, safe in the knowledge that it is free from sensitive information and cyber threats.
Become a Cybersecurity Hero Today
Don’t become the next data security breach example we write about – amplify your cybersecurity today. Discover the best solutions for you:
