Expert Comment: Key Ring App Data Leak Exposes Millions

The Key Ring app data leak has exposed 44 million images uploaded by users – compromising data including government IDs, NRA membership cards, medical marijuana ID cards, credit cards with all the details.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Richard Cassidy
Richard Cassidy , Senior Director of Security Strategy
InfoSec Expert
April 6, 2020 12:47 pm

This highlights the importance for all organisations to follow best practices security approaches when securing data silos (cloud, hosted or on-premise) and working diligently to ensure that basic access control policies aren\’t neglected when securing customer data.

The wider issue here is that this keeps happening. Cloud storage is easy for anyone with a credit card to spin up, but that doesn’t mean they have the security skills to ensure it is locked down. If businesses can\’t have full control over their data, they need to have measures in place to monitor it.

What’s more, this leak demonstrates the fact organisations need to realise that third parties – users, suppliers, partners – are a significant risk in terms of securing resources. It highlights the need for corporations to move beyond the \”internal security controls\” mantra of old and instead focus on ensuring data access from external channels is closely monitored and validated.

For Digital Pipeline, this is now about solid communication; assuring customers that you\’re doing all you can to protect misuse of their data and then demonstrating those controls is key to brand confidence.

Last edited 2 years ago by Richard Cassidy
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x