In early October 2023, a DNA testing company for ancestry discovery purposes, 23andMe, disclosed that it suffered a data breach.
On the 5th of December 2023, the company shared that the data breach was more damaging than was initially reported.
On Tuesday, the company revealed that hackers had stolen the data of 6.9 million users.
Bad actors obtained sensitive data from almost half the users.
Learn from high-profile data breaches such as 23andMe and LastPass Manage security posture with enterprise-grade solutions that can support your growing infrastructure.
Cloud Data Security Posture Management, for example, is a security solution designed to prevent data breaches for companies that handle a large amount of sensitive information.
Data Security Posture Management is a cloud-based cybersecurity solution designed to discover, classify, and manage access to important data.
It detects vulnerabilities and threats that could lead to exploitation or escalate into hacking incidents such as data breaches.
For companies, DSPM:. As a result, it keeps an eye on and manages the security and privacy of data across the complete IT architecture of a company.
The first step of the DSPM data protection process is to find out which data is stored within the system.
As a result, security teams have complete visibility of which data is within the system and who has access to it.
A class action lawsuit has already been filed because the hacker shared the data on hacking forums in October.
Although not all users are concerned about data privacy, thousands of users already contacted the Canadian law firm that prepared the case and asked to join the fight.
The firm claims that 23andMe didn't adhere to proper data privacy practices and, with it, put the sensitive data of Canadian citizens at risk.
DSPM aids big enterprises that store large volumes of data to enforce regulatory compliance across the entire infrastructure.
In the case of 23andMe, we're talking about a company that holds a lot of sensitive data.
The company's official site states that they follow the GDPR - data privacy for EU users.
After a data breach occurs, the most a company can do is try to reduce the reputational and financial damage.
How a company handles a data breach is also important.
Data security is different for smaller companies vs those that have complex infrastructure, millions of users, and databases filled to the brim with personally identifiable information.
This Cyber News was published on gbhackers.com. Publication date: Thu, 14 Dec 2023 19:43:06 +0000