It has been reported that a misconfiguration error has exposed personal data belonging to customers of New England’s largest energy provider. On March 16, Eversource discovered that one of its cloud data storage folders had erroneously been set to open access rather than to restricted access. The company serves more than 3.6 million electric and natural gas customers in Connecticut, Massachusetts, and New Hampshire. An investigation into the data breach launched by Eversource’s security team found that the unsecured folder contained personal data belonging to customers residing in eastern Massachusetts.
<p>The pandemic has brought about a new reality for all sectors in regard to cybersecurity, with energy providers being no exception. We have seen malicious actors and attackers taking advantage of both small and large organisations, with this case being just one of the many examples seen in recent months.</p> <p> </p> <p>Once, again this breach acts as a reminder to all on how data is like ‘liquid gold’ and what appears not to be particularly dangerous from a cybersecurity perspective, has a huge impact from a privacy breach perspective as the data stolen can be used, harvested and mined to understand user behaviours and preferences. Although the investigation into this breach is still ongoing, and Eversource has reassured customers that they believe personal data has not been compromised, customers should still take precautions, especially those residing in eastern Massachusetts.</p> <p> </p> <p>For customers who may have been potentially affected by this breach, it is best practice to act with caution, as if your personal details have been affected, particularly as highly sensitive data was stored in the compromised files. Therefore, be wary of messages coming from unknown sources, and consider changing your passwords associated with this account, especially if they are duplicated across other personal accounts.</p>
<p>This breach is further proof that addressing data breaches that occur outside the corporate firewall is vital to managing your third-party risk. As more organizations turn to cloud providers for everything from infrastructure to apps to support employees, save money, and enable digital transformation, they are expanding their attack surface exponentially.</p> <p> </p> <p>Organisations must constantly scan for leaked documents outside the enterprise perimeter, including connected storage, open databases, cloud applications, and the Dark Web to detect and resolve external risks quickly, before they are exploited.</p> <p> </p> <p>The legal and regulatory consequences of leaked data often include fines, penalties, and damage to reputation, which drives up customer acquisition costs and decreases lifetime customer value. Similarly, shareholder value can take years to recover, if ever.</p>
<p>Data breaches from cloud computing often happen because sensitive data is stored and processed in clear text form. While cloud service providers offer data security capabilities, the particular business is still the responsible caretaker. The increased attack surface of cloud environments makes for a potentially weak overall security posture. With a hybrid and multi cloud strategy data becomes dispersed across multiple clouds as well as their own datacenters. With that data security becomes even more difficult to manage. Combined with a modern DevOps culture, misconfigurations and overlooking general security requirements are becoming commonplace.</p> <p> </p> <p>Sensitive data is required for many business use cases – especially those that generate revenue or provide valuable analytics. </p> <p> </p> <p>Data protection, of course, is a crucial part of the cybersecurity protection framework. Data protection that focuses on the data itself (data-centric security) allows sensitive data to remain protected, even when other security layers in an organization’s cybersecurity framework fail, or are bypassed. In addition it anables processing and analytics on protected data, reducing exposure of sensitive data drastically. Companies today who are using technologies such as tokenization are in a better position to ensure that an incident doesn’t have to become a data breach.</p>