Expert Comment: Key Ring App Data Leak Exposes Millions

The Key Ring app data leak has exposed 44 million images uploaded by users – compromising data including government IDs, NRA membership cards, medical marijuana ID cards, credit cards with all the details.

Experts Comments

April 06, 2020
Richard Cassidy
Senior Director of Security Strategy
Exabeam
This highlights the importance for all organisations to follow best practices security approaches when securing data silos (cloud, hosted or on-premise) and working diligently to ensure that basic access control policies aren't neglected when securing customer data. The wider issue here is that this keeps happening. Cloud storage is easy for anyone with a credit card to spin up, but that doesn’t mean they have the security skills to ensure it is locked down. If businesses can't have full.....Read More
This highlights the importance for all organisations to follow best practices security approaches when securing data silos (cloud, hosted or on-premise) and working diligently to ensure that basic access control policies aren't neglected when securing customer data. The wider issue here is that this keeps happening. Cloud storage is easy for anyone with a credit card to spin up, but that doesn’t mean they have the security skills to ensure it is locked down. If businesses can't have full control over their data, they need to have measures in place to monitor it. What’s more, this leak demonstrates the fact organisations need to realise that third parties - users, suppliers, partners - are a significant risk in terms of securing resources. It highlights the need for corporations to move beyond the "internal security controls" mantra of old and instead focus on ensuring data access from external channels is closely monitored and validated. For Digital Pipeline, this is now about solid communication; assuring customers that you're doing all you can to protect misuse of their data and then demonstrating those controls is key to brand confidence.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.