Recently, the Internet Society, a non-profit organization dedicated to keeping the Internet open and secure, suffered a major third-party data breach compromising the PII of over 80,000 members. These files contained names, emails, postal addresses and login credentials and were eventually exposed publicly online. The data was hosted in an Azure environment, specifically a storage repository.
It’s unclear how long this data was publicly available, but after security firm Clairo made the discovery, the repository was secured a week later. The Internet Society reportedly immediately took steps to investigate the situation. Additionally, they report no evidence of malicious access to member data, but the incident remains under surveillance.
How could this have happened? Well, if you have deja vu, it’s because we blogged about a similar incident just last week. In this current incident, the Internet Society claims that the misconfiguration originated with a third-party vendor. It is exactly this type of extremely preventable misconfiguration that continues to impact institutions everywhere on a seemingly weekly basis.
Third Party Data Breach Solutions
Fortunately, solutions exist today to prevent this exact incident – in particular, mature cloud security posture management (CSPM) Workaround. If you are familiar with the shared responsibility model (Azure has its own), then you know that as much as a cloud provider, like Azure, provides cloud protection, configuration within your cloud is entirely your responsibility.
Integrating a CSPM tool to monitor your Azure environment ensures that your bases are covered at the most fundamental level. These tools continuously compare your environment to a baseline of appropriate configurations and behaviors, looking for deviations. As soon as a discrepancy is detected, such as a public Azure repository, a CSPM solution reports the issue.
A few things to note: Many vendors today offer CSPM solutions that include this monitoring and detection, but next-generation tools go even further. Suppose there is a misconfiguration, such as a lack of authentication needed to access student PII, and your old CSPM tool detects it and issues a ticket to your security team. This ticket will sit at the back of a queue of other security issues, or the alert may get lost in a sea of notifications. Worse still, your organization has to waste valuable time receiving the ticket and defining the team responsible and capable of resolving the issue.
In this case, organizations need an efficient way to ensure that the right responsible team receives the alert, and they need context to recognize that this specific alert, among many others, is an urgent concern deserving attention. immediate. Even a little further, he needs a way to fix the problem without manual action.
Tackling third-party risks with Sonrai Security
Sonrai Security is committed to providing your business with the information it needs to prevent, detect and remediate risks of inadvertent access internally or through third parties. Outsourcing to third-party experts is great for strengthening your business, but don’t let that get you down.
Sonrai Dig provides a platform with a myriad of integrated solutions to monitor your environment, detect misconfigurations and possible risk factors, alert necessary parties through intelligent workflows, and even remediate urgent vulnerabilities when the human action is not possible.
Secure your perimeter with Sonrai Dig. Contact Sonrai Security to learn more about securing your Azure environment with GCP and AWS.
The post office Over 80,000 ISOC members affected by third-party data breach appeared first on Sonrai Security.
*** This is a syndicated blog from the Security Bloggers Network of Blog – Sonrai Security written by Eric Kedrosky. Read the original post at: https://sonraisecurity.com/blog/80000-isoc-members-affected-in-third-party-data-breach/
