MobiKwik Data Breach – Thoughts From Experts


Indian payment services provider MobiKwik is currently investigating a huge data breach affecting millions of its customers. An unknown user at an underground marketplace has 8.2 TB of data from the company, including the sensitive personal information of millions of customers.

Subscribe
Notify of
guest
1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
John Pocknell
John Pocknell , Senior Market Strategist
InfoSec Expert
March 31, 2021 12:08 pm

<p>These breaches seem to be happening far more frequently, which is concerning. The database ought to be an environment where organisations can have the most visibility and control over the data that they hold, and this type of breach should be one of the more easily avoidable.<u></u><u></u></p> <p> <u></u><u></u></p> <p> Organisations should ensure that only those users who need access have been granted it, that they have the minimum privileges necessary to do their job, and wherever possible, databases should be placed on servers that are not directly accessible on the internet.<u></u><u></u></p> <p> <u></u><u></u></p> <p> But all of this is only really possible if organisations actually have visibility over their sprawling database environments. Years of being able to spin up databases at the drop of a hat have led to a situation where many organisations don’t have a clear picture of what they need to secure; in particular, non-production databases that contain personal data, let alone how they need to go about securing it. You cannot secure what you don’t know about, so until this fundamental issue is resolved, we will continue to see these avoidable breaches hit the headlines.</p>

Last edited 1 year ago by John Pocknell
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x