Words With Friends and Yahoo breaches show data privacy still not being taken seriously enough
*Sub-standard focus on solid encryption means user privacy remains at significant risk * The last few days have seen two high-profile data breaches – one related to the popular Words With Friends game app, and one where a Yahoo engineer hacked into thousands of accounts to steal sexual images and videos from users. In both cases, vast amounts of user data were compromised.
For modern encryption specialist ShieldIO, these two incidents highlight how, in many cases, data privacy is still not being given the attention it deserves.
Simon Bain, CTO at ShieldIO, said, “Both the Words With Friends and Yahoo incidents occurred because data was too easy for the perpetrators to access and expose. In effect, not enough was done to properly encrypt sensitive user data.
“In the Words With Friends breach case, the demographic make-up of the game’s users is important as well. Those playing it are most likely to be baby boomers, who generally aren’t as tech-savvy as younger generations, and are less likely to be aware of the need to change or vary their passwords as a result. This means that it’s up to the makers of the app themselves to do what they can to protect users.
“In the Yahoo breach case, the bottom line is that an engineer should never be able to access sensitive account information and hack it in this way, even if they work for, or once worked for, the company.
“Organizations need to look at these incidents and see that data privacy isn’t something to be trifled with. Encryption needs to be a core focus for any business that is serious about keeping sensitive data away from prying eyes, and it needs to be done well. Without this, we’ll continue to see breaches like these ones.”
Bain concluded, “Put it this way: you wouldn’t leave a $10 bill lying around, so why should your attitude towards data be any different?”