How exactly does a mega hosting company like Dropbox find itself in a security breach that affects 70 million of its users? As one of the most popular cloud storage options available, and one that everyone trusts wholly, it’s pretty surprising—but it happened. In fact, it happens often, and to the absolute biggest companies…including LinkedIn, Slack, Anthem, Spotify, Kaspersky, JPMorgan Chase, Amazon and Kindle, eBay, and plenty more. Dropbox is simply one in a long line of recent hacks and security breaches.
Dropbox’s particular breach spans over four years. Last month, Dropbox requested their users to reset personal passwords, explaining that they are being cautious about an incident that goes back to 2012 in which details for 68,680,741 accounts were stolen due to theft of Dropbox credentials. Not only did the 2012 hack result in a serious security compromise that spanned through 2016; Dropbox users also found themselves being spammed due to stolen email lists.
What impact will this hack have on users and businesses?
This happened because hackers first plowed into a Dropbox employee’s LinkedIn account, and could then access the entire company’s corporate network.
Substantial hacks like this occur fairly frequently, and when they do, individuals and business owners alike grow concerned over their private data, including sensitive documents, photos, and videos.
The hacks are a real issue. For businesses, a breach is serious because hackers can get access to—and sell, or hold for ransom—their data, which can devastate companies that have intellectual property, such as innovative high-tech apps or software or manufacturing information. Infiltration from hackers on businesses can result in public relations damages, damaged properties, loss of information, email theft, damaged reputation, ransom, or even complete loss of business. How, exactly? It depends on what your company does, but hackers are both smart and passionate. If your company stands for something that they disagree with, you could be a huge target.
And don’t assume you’re safe if you have a “neutral” company that you don’t think hackers would focus on. Many hackers earn money just for grabbing email addresses from your database, or simple hacking in general. Gmail account hacking can be as low as $90, Facebook account hacking is around $350, hacking a regular website is roughly $2,000, and hacking a Netflix password goes for about $1.25.
What do hackers do with my data?
You may be wondering why and how the hackers benefit from digging through websites and stealing info. Hijacking info is usually a goldmine because individuals use the same password for multiple accounts and logins across the web—therefore, a successful hacker can open a door to all your accounts if they find just one. They can then hold that password ransom from you, sell your info to others, or use it to spam people by pretending to be “you”.
A good hacker can get info such as your credit card account, email correspondence, and business data. They can even delete your entire email account. Address changes, switched passwords, and a multitude of other atrocities can be committed.
Even targeted phishing is an issue. If hackers can see the companies you communicate with, they can call or email you pretending to be one of those companies and try to steal even more sensitive info.
Most of the time, hackers going after your email have nothing more ambitious in mind than using it to spam people about fraudulent offers or malicious downloads, but still, once they have that info, you’re in trouble. It’s best to avoid them accessing it altogether.
And that’s possible.
How not to lose files and data to hackers
With the recent Dropbox precaution, the breach would potentially affect Dropbox users who signed up for the service before mid-2012. If you were affected—or affected by any other possible security breaches—here are a few tips for you.
Use a different password for different accounts across the web. By using different passwords for all online accounts, you will make it more difficult for hackers to get into one account—which would allow them to access many more online accounts. (What happened in 2012 to Dropbox was due to password reuse.)
Log out of your email account when you’re not using it.
Avoid accessing your email via public computers such as hotels, libraries, coffee shops, and schools.
Use security software to protect your computer from malicious software that can allow a hacker to access your email addresses.
Use a different email address for social networking accounts versus your bank and other business accounts, as well as any other important accounts.
Use the security features available with certain websites, such as “two-factor” or “two-step” authentication, and backup email for recovery. This is available now on many sites (including Dropbox). This extra layer of protection is one of the easiest and cheapest ways to strengthen password security and to keep your data safe.
Overall, the best way to protect yourself is to treat your email with the same concern that you use to protect your physical property. When you decide to use cloud services, make sure you have backup and recovery codes.
Another good step is to configure a backup user after setting up an administrator account, then begin assigning secure access to your employees. They will remain productive by accessing your company’s data on their own apps, but if they day comes that they move on, you’ll remain firmly in control of your business’ vital information.
There are other (better) options…
With all these precautions and warnings, business owners may be wondering what should be expected when it comes to file storage solutions. Should hacking just come with the territory? Is it just something that can’t be avoided?
No. Security is completely available.
Hardcore protection—such as layers of encryption on the client and server ends—is used by companies such as Contentverse. Furthermore, there are “user roles” and permissions that stop breaching a single person’s account from giving the hacker access to everything. There are separations of file clusters by department or location, and a dedicated “security manager” to monitor the other roles and track audit trails.
Think about it: your company info falling into the wrong hands could devastate your business. Whether a hacker would hold your info and files for ransom, or phish it to sell to spammers, it’s a horrible situation. Imagine your good reputation destroyed because you’re spamming people to buy awful fake drugs. We’ve all gotten those emails in our junk folder.
The silver lining is that there is a lot going on to protect companies from hackers. It’s just a matter of finding the right file storage service. That’s where notable businesses such as Contentverse come in. We are leaders in the world of content management for businesses, and the protection of your sensitive company information is critical to us.
Allow us to help protect your business. Feel free to give us a call or email us today.