The story broke today that Apollo, a sales engagement startup boasting a database of over 200 million contact records from 10 million companies, has been hacked.
Jacob Serpa, Product Marketing Manager at Bitglass:
“For any company that boasts a database of 200 million contacts from 10 million companies, cybersecurity must be a top priority. If other organizations want to prevent breaches like the one experienced by Apollo, they must leverage advanced security capabilities built for the cloud. For example, they should employ multi-factor authentication to verify users’ identities more accurately, as well as contextual access control that can flexibly extend data access based on a user’s location, device type, and more. As the number of data breaches increases and the sophistication of attacks continues to evolve, organizations must adapt or be faced with the reality of a breach.”
Zohar Alon, CEO at Dome9:
“In an email to affected customers, Apollo said the data breach was discovered weeks after system upgrades in July. Apollo is not the first company to have a breach go unresolved for a long period of time, proving organizations do not emphasize security to a high enough degree. As data privacy laws become more commonly adopted with harsh penalties, breaches such as these will have a serious impact on business viability.
Corporations must monitor their entire threat landscape on a real-time basis and enforce proper security discipline. Continuous compliance and active protection are essential components to keeping data secure.”
Ruchika Mishra, Director of Products and Solutions at Balbix:
“The breach of Apollo’s enormous database of 200 million prospective customers and ten million companies adds to a growing list of companies that compile large amounts of data yet fail to keep it safe. When you are expected to keep prospect, customer, supply chain and other business-critical contact information safe, you must be proactive about your security efforts and try to detect and mitigate cyber risks in your network before they are exploited. With cyber-attack vectors growing to 200+, while its resources being limited as a startup, Apollo should have used an AI-powered security solution to gather and act on this data, as the needed breadth of data far exceeds human capabilities to monitor.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.