This post is also available in: עברית (Hebrew)
Time and again, the protection of data from unauthorized access is proving more and more challenging. One of the most common cyber security problems is companies’ unsecured servers and critical information. In Texas, data relating to some 27.7 million drivers has been recently exposed online and stolen from an unsecured database belonging to insurance company Vertafore. The databases were left online between March and August and included names, dates of birth, addresses and vehicle registration histories.
The insurance company said the data was exposed when someone placed three company files on “an unsecured external storage service that appears to have been accessed without authorization.” Fears have been raised regarding possible cases of identity theft. An identity thief can try to create a new account and log in to an existing account.
The Texas Department of Motor Vehicles stated that the breach of information was caused by Vertafore. The Department was not hacked and was not the cause of the breach. “The department classifies and protects data based on existing statutory regulations and industry principles, and retains and destroys all data in accordance with state and agency data retention and data sanitization policies.”
Nearly half (46%) of organizations find it hard to tell which vulnerabilities are real threats versus ones that will never be exploited, according to a recent report. Vinay Sridhara, chief technology officer of AI-powered security posture firm Balbix, told siliconeangle.com that security teams lack awareness when it comes to prioritizing risk, and “organizations are left vulnerable to unexpected attacks, such as those exploiting a breach at a former third-party partner with access to sensitive data.”