"Although the initial access in this incident came from a firewall vulnerability, the real damage occurred once attackers reached sensitive data. Breaches like this show how important it is to prevent credentials and encryption keys from being stored in unprotected locations or in unmasked forms. When secrets are exposed, attackers can move quickly and gain access to high-value information. Organizations also need continuous visibility into where sensitive data lives and how it is being accessed."
"Detecting credit card numbers, Social Security numbers and other regulated data across all environments and validating that it is properly protected can significantly reduce occurrence of compliance violations and the impact of a compromise. Continuous monitoring for unusual data activity, such as unexpected access by third parties or unfamiliar IPs, is another key safeguard. Strong password practices and timely patching will always matter, but reducing the blast radius requires a data-centric approach that limits what attackers can reach even if they do get in."
Marquis Software Solutions detected suspicious activity on its systems on Aug. 14 that was identified as a ransomware attack. The attack may have exposed personal data for about 780,000 individuals, including names, dates of birth, phone numbers, Taxpayer Identification Numbers, financial account data, and Social Security numbers. Investigators found the attacker accessed the network via a SonicWall firewall and may have acquired certain files. There is currently no evidence the compromised data has been misused. Security experts warn that exposed credentials and encryption keys enable rapid attacker movement and recommend continuous visibility, data detection, monitoring, patching, and a data-centric defense to limit attacker reach.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]