KnowDNA Company maintains a considerably high amount of its clients’ personal information. Although it claims to have adequate security measures, the firm is still prone to cybersecurity breaches that may lead to the loss of personal data and its potential use by malefactors to perpetrate cyber-attacks. The reported cybersecurity breach at KnowDNA involved unauthorized access to the email addresses of over 92 million users (“MyHeritage Data Breach,” 2018). The company’s cybersecurity mechanisms might have failed; hence, hackers took advantage of the vulnerability to access personal identifiers. While only the email addresses were accessed during the breach, the issue exposed the owners to major attacks, such as phishing and other malicious activities, which could lead to losing other valuable information.
The content of the company’s databases is private and sensitive, considering that it contains genetic data. Although the management has confirmed that only email addresses and hashed passwords were accessed, such a massive breach could lead to access and manipulation of other identifying information (“MyHeritage Data Breach,” 2018). Such a violation places the affected users in danger of major cyber-attacks. For example, when identifying data is stolen, the victim faces the risk of identity theft and related dangers, including fraud. The involved individuals can also suffer financial losses from bank account theft using the stolen data (Hille, Walsh, & Cleveland, 2015). Therefore, the breach may have a huge economic impact on the affected persons.
Besides the financial loss, the victims of the violation of KnowDNA were exposed to major psychological and emotional trauma. Such cybersecurity breach reports may cause mental disturbance because of the sensitivity of the information stored in the company’s databases. Regardless of the assurance by the firm’s manager that no proof exists regarding the perpetrators using the stolen data, the victims might be worried about the potential damage that might occur (Hille et al., 2015). DNA and genetic evidence are highly sensitive and confidential. Therefore, the thought that a third party might have accessed the company’s server can cause major apprehensions and anxiety.
The management should be concerned about the situation and implement remedial actions to reassure the clients about the safety of their confidential data. The first step is to ensure that cybercriminals never benefit from the accessed information, including email accounts and passwords. Since KnowDNA has the contacts of the affected clients, it should inform them about the breach and request them to change their passwords to prevent the possible misuse of the stolen information to commit cyber-attacks. The company should also advise its clients on ways to protect their emails, such as using a two-step identification procedure to restrict perpetrators from accessing the exposed accounts.
Furthermore, the management at KnowDNA should implement additional security measures to protect the servers from any vulnerabilities that hackers can use to penetrate them and access the company’s or its clients’ data. The measures include strong firewalls, SSH keys, VPNs and Private Networking, Public Key Infrastructure, and SSL/TLS Encryption (“Security Measures to Protect Your Servers,” 2016). Instilling additional security measures and guiding the victims of the attack on ways to protect their data will minimize future risks.
KnowDNA has experienced a major security breach involving the theft of emails and hashed passwords belonging to its clients. The company will remain in operation but should prevent similar violations in the future. The cybersecurity management team should proactively protect their clients’ confidential information.
References
Hille, P., Walsh, G., & Cleveland, M. (2015). Consumer fear of online identity theft: Scale development and validation. Journal of Interactive Marketing, 30, 1-19.
MyHeritage data breach exposes info of more than 92 million users. (2018). Retrieved from https://us.norton.com/internetsecurity-emerging-threats-myheritage-data-breach-exposes-info-of-more-than-92-million-user.html
Security Measures to Protect Your Servers. (2016). Retrieved from https://www.unixmen.com/security-measures-protect-servers/