It has been reported that a misconfiguration error has exposed personal data belonging to customers of New England’s largest energy provider. On March 16, Eversource discovered that one of its cloud data storage folders had erroneously been set to open access rather than to restricted access. The company serves more than 3.6 million electric and natural gas customers in Connecticut, Massachusetts, and New Hampshire. An investigation into the data breach launched by Eversource’s security team found that the unsecured folder contained personal data belonging to customers residing in eastern Massachusetts. 

Subscribe
Notify of
guest
4 Expert Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Niamh Muldoon
Niamh Muldoon , Senior Director of Trust and Security, EMEA
InfoSec Expert
April 23, 2021 4:20 pm

<p>The pandemic has brought about a new reality for all sectors in regard to cybersecurity, with energy providers being no exception. We have seen malicious actors and attackers taking advantage of both small and large organisations, with this case being just one of the many examples seen in recent months.</p> <p> </p> <p>Once, again this breach acts as a reminder to all on how data is like ‘liquid gold’ and what appears not to be particularly dangerous from a cybersecurity perspective, has a huge impact from a privacy breach perspective as the data stolen can be used, harvested and mined to understand user behaviours and preferences. Although the investigation into this breach is still ongoing, and Eversource has reassured customers that they believe personal data has not been compromised, customers should still take precautions, especially those residing in eastern Massachusetts.</p> <p> </p> <p>For customers who may have been potentially affected by this breach, it is best practice to act with caution, as if your personal details have been affected, particularly as highly sensitive data was stored in the compromised files. Therefore, be wary of messages coming from unknown sources, and consider changing your passwords associated with this account, especially if they are duplicated across other personal accounts.</p>

Last edited 1 year ago by Niamh Muldoon
Dr. George Papamargaritis
Dr. George Papamargaritis , MSS Director
InfoSec Expert
April 23, 2021 3:00 pm

<p>This incident highlights how cloud security misconfigurations can be detrimental to organisations and put their customer data in jeopardy and potentially at risk of hacking.</p> <p> </p> <p>Eversource is still investigating the breach and they do not believe the data was accessed by any third parties, however, <a href=\"https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATUSigHZOkmV52xndBDp7b40XFgjLhImhZN-2B61Q8IlGeicZuHKWXp8KjXUOXLPzrGcjO66VXaVqIBgmzHUTF-2F7oAmUiy4ph0vYiTSbSfhtuQ5P4v6JHbL8QnVls-2BTEAZw-2BPv8igjo64WGLdaFSrFBgmR8paA4sPy-2FF5EKqTVfLLLKJbtyUoOLp0A7c9U1EZMhiUhR7J5m6M60yci0EJt4GHIKze6Y5oGppT6UV4Jg7PtZ5RR7jiuTsbEN29vTr-2BBu3p9rnplE7DfbpfmEjc5rrDDrujTeeRy-2Fkix5ueKQ8JMrGlkrflLPq-2FAz8iqQk-2F90VEx9BlBLrvn1NBoE4gj2OfVqCs89oF-2FP4I8p-2Bqoyt4SH7YT55zRk1-2BfnCDzxhyIWdqwn2NQ7uMdIu-2BMESshUFjCk1bM-2B3zKbikS7mey6oVutAbwRWQ2yWF5cdEogusTQxRWVBBLk9IYMSmtlgsmIic-2FUTnUYbktAotRSoz4JdUUSdLn1yTkSxEQB5edvwmf-2BQxJf4zs2aMz4U5DMLO3rNGDtfeWtzAAr3zMA01B-2BSxTUtMK11bwXEHKi9v6IIJ0moTA-3D-3DxoFZ_S3RA1gMvL7v1TdZrqvF2X48vY2LyH9KYdxKxBaPFp6Fl1TEEsXDQbgk-2FWPw9Ah5nwh5z3HPLIw79cePUeHvYGTO5AKaXxfXA6PdkmD9nZzOoTnHFT1UG5oGB72ysmgML8kJtxmCDKKkjk4EdX-2Bx-2FdrXPkZqLOgs0ExmUxGN7kIfcTENaKF5jZFHU0Szir3aaEupIMI9R7mZ9Udi-2FNlecteLMKxT8859oviqSQnZGk8gnR6c9hMRQZdPV-2FPwQM2RIC6GT6XaQJuBnt-2BeaDB7ir5E2iXBVhvlmcVTNiZoxYwA-2FLEcISDXIkmZBsa2hC-2FVx-2FFhKQ6t35-2BeHZkQbVYDeAJpnVins-2B35-2B5RtAwY4VtJVVgGO-2F-2FHaiOaVTySAzfh0x\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://u7061146.ct.sendgrid.net/ls/click?upn4tNED-2FM8iDZJQyQ53jATUSigHZOkmV52xndBDp7b40XFgjLhImhZN-2B61Q8IlGeicZuHKWXp8KjXUOXLPzrGcjO66VXaVqIBgmzHUTF-2F7oAmUiy4ph0vYiTSbSfhtuQ5P4v6JHbL8QnVls-2BTEAZw-2BPv8igjo64WGLdaFSrFBgmR8paA4sPy-2FF5EKqTVfLLLKJbtyUoOLp0A7c9U1EZMhiUhR7J5m6M60yci0EJt4GHIKze6Y5oGppT6UV4Jg7PtZ5RR7jiuTsbEN29vTr-2BBu3p9rnplE7DfbpfmEjc5rrDDrujTeeRy-2Fkix5ueKQ8JMrGlkrflLPq-2FAz8iqQk-2F90VEx9BlBLrvn1NBoE4gj2OfVqCs89oF-2FP4I8p-2Bqoyt4SH7YT55zRk1-2BfnCDzxhyIWdqwn2NQ7uMdIu-2BMESshUFjCk1bM-2B3zKbikS7mey6oVutAbwRWQ2yWF5cdEogusTQxRWVBBLk9IYMSmtlgsmIic-2FUTnUYbktAotRSoz4JdUUSdLn1yTkSxEQB5edvwmf-2BQxJf4zs2aMz4U5DMLO3rNGDtfeWtzAAr3zMA01B-2BSxTUtMK11bwXEHKi9v6IIJ0moTA-3D-3DxoFZ_S3RA1gMvL7v1TdZrqvF2X48vY2LyH9KYdxKxBaPFp6Fl1TEEsXDQbgk-2FWPw9Ah5nwh5z3HPLIw79cePUeHvYGTO5AKaXxfXA6PdkmD9nZzOoTnHFT1UG5oGB72ysmgML8kJtxmCDKKkjk4EdX-2Bx-2FdrXPkZqLOgs0ExmUxGN7kIfcTENaKF5jZFHU0Szir3aaEupIMI9R7mZ9Udi-2FNlecteLMKxT8859oviqSQnZGk8gnR6c9hMRQZdPV-2FPwQM2RIC6GT6XaQJuBnt-2BeaDB7ir5E2iXBVhvlmcVTNiZoxYwA-2FLEcISDXIkmZBsa2hC-2FVx-2FFhKQ6t35-2BeHZkQbVYDeAJpnVins-2B35-2B5RtAwY4VtJVVgGO-2F-2FHaiOaVTySAzfh0x&source=gmail&ust=1619265108467000&usg=AFQjCNFtGFdPmXAaUCESlMFGQRsu1O7HBg\">Obrela’s Q1 threat data</a> reveals that cloud attacks on oil and gas organisations have increased by over 24% in Q1 2021 compared to Q1 2020.</p> <p> </p> <p>This highlights that cybercriminals are amplifying their effort to target cloud assets within the industry. Only time will tell if Eversource is accurate and the data was not accessed by intruders</p>

Last edited 1 year ago by Dr. George Papamargaritis
Camille Charaudeau
Camille Charaudeau , VP Product Strategy
InfoSec Expert
April 22, 2021 12:01 pm

<p>This breach is further proof that addressing data breaches that occur outside the corporate firewall is vital to managing your third-party risk. As more organizations turn to cloud providers for everything from infrastructure to apps to support employees, save money, and enable digital transformation, they are expanding their attack surface exponentially.</p> <p> </p> <p>Organisations must constantly scan for leaked documents outside the enterprise perimeter, including connected storage, open databases, cloud applications, and the Dark Web to detect and resolve external risks quickly, before they are exploited.</p> <p> </p> <p>The legal and regulatory consequences of leaked data often include fines, penalties, and damage to reputation, which drives up customer acquisition costs and decreases lifetime customer value. Similarly, shareholder value can take years to recover, if ever.</p>

Last edited 1 year ago by Camille Charaudeau
Felix Rosbach
Felix Rosbach , Product Manager
InfoSec Expert
April 22, 2021 11:54 am

<p>Data breaches from cloud computing often happen because sensitive data is stored and processed in clear text form. While cloud service providers offer data security capabilities, the particular business is still the responsible caretaker. The increased attack surface of cloud environments makes for a potentially weak overall security posture. With a hybrid and multi cloud strategy data becomes dispersed across multiple clouds as well as their own datacenters. With that data security becomes even more difficult to manage. Combined with a modern DevOps culture, misconfigurations and overlooking general security requirements are becoming commonplace.</p> <p> </p> <p>Sensitive data is required for many business use cases – especially those that generate revenue or provide valuable analytics. </p> <p> </p> <p>Data protection, of course, is a crucial part of the cybersecurity protection framework. Data protection that focuses on the data itself (data-centric security) allows sensitive data to remain protected, even when other security layers in an organization’s cybersecurity framework fail, or are bypassed. In addition it anables processing and analytics on protected data, reducing exposure of sensitive data drastically. Companies today who are using technologies such as tokenization are in a better position to ensure that an incident doesn’t have to become a data breach.</p>

Last edited 1 year ago by Felix Rosbach
4
0
Would love your thoughts, please comment.x
()
x