Resonant cases of data leakages in APAC region

22.12.2022

There is a step change taking place in the number of data-related incidents. 

Data has yet become one of the most valuable asset. Foreseeable, data related incidents occur very often. 

Recently we have witnessed a dramatic increase in the number of cyber incidents taking place worldwide. It is expected that damage caused by cyber criminals will continue to increase, and Cyber Security Ventures expect that the global cybercrime damage will hit $10.5 trillion annually by 2025. Data leaks are among the most dangerous and critical threats, which pose threats to both individuals and organizations.

Risks, posed to individuals maybe primarily divides in  physical, material or non-material harm, for instance,  discrimination against individuals, identity theft or fraud, financial loss, damage to reputation. There is also a significant number of related issues threatening companies and organizations. For instance, disruption of total stoppage of business processes (which lead to financial losses, inability to provide clients or end-users with some services, sometimes very crucial ones); reputational losses, which can lead to customer attrition; loss of confidential data crucial for companies business processes (for instance, loss of software code which can result into loss of market advantage and can in  turn lead to shut of the business); leak of work documents and processed data threats employees, clients and third party users. 

Such incidents regularly happen worldwide, endanger companies in all regions. We have been monitoring the situation and have gathered some of the most massive data related incidents in thidigests :

This year Malaysia was in the focus on intruder’s attention.

• StoreHub. The incident was revealed in January 2022. In general, over 1.7 billion records and over 1 terabyte of data was leaked. The exposed data contained information on names, phone numbers, physical addresses, email addresses, types of device used, information about customers’ payments and orders, including transaction dates, ordered goods and store addresses. The cause of the incident: misconfiguration of the Elastic search server (it was not password protected, encryption was not implemented).
• Personal data on 45 million Malinado Air, originally leaked as a result of the 2019 data breach reappeared on an online forum one more time. Supposedly, the database contained emails and physical addresses, birthdates, passport and phone numbers of airline customers. The cause of the incident: two ex-employees of GoQuo (M) Sdn Bhd e-commerce service provider in India gained illicit access and stole personal details of airline customers. The incident happened in September 2022. 
• iPay88 which is one of the largest payment gateway platforms in Malaysia experienced a data breach. The incident was revealed in May 2022. After the investigation was conducted, it was revealed that the incident affected card data from online transactions. 
• Data leak containing information on Malaysian citizens born between 1940 and 2004. The first database sold allegedly contained 22.5 million records was obtained from the National Registration Department (JPN) MyIdentity APIs. The database allegedly contained full names, IC numbers, mobile phone numbers, full addresses, gender, race, religion, and IC photos. The second database, published by the same seller contained information on 802,259 Malaysians obtained from the Electoral Commission (SPR) website. Presumably it included real photos of ICs, as well as photos of people taking selfies with their ICs. May 2022.

Indonesia attracted lots of intruders’ attention too.

• In August 2022 it was revealed that DESORDEN hack group attacked PT JASAMARGA TOLLROAD OPERATOR company, one of the largest one of the largest toll highway operators in Indonesia. The incident resulted into a data leak. In general, 252 GB of info from 5 servers was illicitly obtained. The data exposed concerned users, clients, employees; type of information: corporate and financial. 
• In January 2022 a massive medical data related incident happened. Supposedly, 720 GB of medical information on Indonesians was leaked. The data was collected from various hospitals. The disclosed data contained: full names, hospitals (where the person was treated), photographs of patients, COVID-19 test results and x-rays. 

Large data incidents affected Thailand as well.

• In August 2022, it was revealed that Frasers Property experienced a cyber incident that resulted into the leakage of data belonging to customers and employees of the company. 
• In the end of July 2021, it was reported that DESORDEN hacking group claimed that it stole more than 369 GB of data, containing approximately 3.28 million clients’ recordings and 462.980 agents’ recordings from Srkikrung.
• In January 2022, it was reported that about 39 million purported patient records allegedly from Siriraj Hospital leaked. The data leaked supposedly contained names, addresses, Thai IDs, phone numbers, gender details, dates of birth and some other information.   
• In February 2022, it was reported that data on more than 23.000 students of Thai University Central Admission System Data on more than 23,000 students who passed exams were sold on the dark web. The info included: names, grades, and ID information. The cause of the incident was a system hack.

This list contains data on only some large-scale data related incidents happened throughout this year in a few countries. 

It is of crucial importance for companies and organizations to be adequately prepared to mitigate the risks of data breaches and leaks incidents occurrence, as well as to be able to quickly and efficiently mitigate such incidents’ consequences. This task is quite a complicated one; however, it is possible to mitigate risks significantly. 

The most basic issues are considered to be the following ones:

Engagement and education. It is critical to stay up to date and understand the tendencies in information security sphere, first of all, for executives. It is simply impossible for responsible leaders to ignore security issues. Ensuring of high-level protection is impossible if employees are not competent in information security issues. When educating staff members, we recommend to focus on social engineering techniques do fraudsters ant help employees to understand the attacks’ principles; explain digital hygiene rules and set requirements for work with corporate information; set rules for password policy and two-factor authentication; inform staff members on new risks arising and how to mitigate them. A good idea is to develop an own or use ready-made educational course to train personnel. Basing on our experience, imitations of phishing attacks, lectures on the topic of social engineering techniques, considering newest methods and topic should be conducted approximately once a quarter.

Advanced protective software implementation and experts' assistance. It should be noticed, that there are some serious challenges that companies and organizations face: talent shortage and high costs (implementation of advanced software and hiring onboard specialists often costs a fortune).

However, there is a solution – MSSP. It helps to cut expenditures, comply with the regulations, ensure high level of protection and get assistance of experienced professionals.

Employee monitoring