MobiKwik Data Breach – Thoughts From Experts


Indian payment services provider MobiKwik is currently investigating a huge data breach affecting millions of its customers. An unknown user at an underground marketplace has 8.2 TB of data from the company, including the sensitive personal information of millions of customers.

Experts Comments

March 31, 2021
John Pocknell
Senior Market Strategist
Quest

These breaches seem to be happening far more frequently, which is concerning. The database ought to be an environment where organisations can have the most visibility and control over the data that they hold, and this type of breach should be one of the more easily avoidable.

 

 Organisations should ensure that only those users who need access have been granted it, that they have the minimum privileges necessary to do their job, and wherever possible, databases should be placed on servers that

.....Read More

These breaches seem to be happening far more frequently, which is concerning. The database ought to be an environment where organisations can have the most visibility and control over the data that they hold, and this type of breach should be one of the more easily avoidable.

 

 Organisations should ensure that only those users who need access have been granted it, that they have the minimum privileges necessary to do their job, and wherever possible, databases should be placed on servers that are not directly accessible on the internet.

 

 But all of this is only really possible if organisations actually have visibility over their sprawling database environments. Years of being able to spin up databases at the drop of a hat have led to a situation where many organisations don’t have a clear picture of what they need to secure; in particular, non-production databases that contain personal data, let alone how they need to go about securing it. You cannot secure what you don’t know about, so until this fundamental issue is resolved, we will continue to see these avoidable breaches hit the headlines.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.