Data breaches that generate increased data security is backward thinking.
Lightning did in fact strike twice last week as Canada’s fourth and fifth largest banks, BMO and Imperial Bank of Commerce’s (CIBC) Simplii financial were compromised leaving thousands of client’s personal records at risk. The perpetrators utilized an algorithm to help defeat the current safeguards to obtain clients’ account numbers. These perpetrators have threatened to release the breached accounts if they do not receive one million dollars in the form of the cryptocurrency Ripple (XRP). Information regarding the name, account number, debit card, SIN number, home address, occupation and more for 100 BMO customers have already been released, further proving the competency of the claims made by these individuals. Both banks responded with full-scale investigations and declared that they will be enhancing their online security measures. The real question is why weren’t these banks using these enhanced security measures all along?
If the banks had been protected by the Leonovus Secure Storage solution prior to the breach, there would have been considerably less challenge and recovery. Since the Leonovus zero-trust, data-centric security model assumes that platforms are to be compromised Leonovus offers a solution that centers around securing the data, not the infrastructure. With this, the breach impact would have been nullified. If these banks included Leonovus as a security measure prior to the attack, the perpetrators would not have been capable of utilizing their algorithm to determine account numbers. Instead, they would have discovered encrypted, secured shreds of data elements, completely useless to them.
The moral of the story is simple, there is far too much at stake, and far too much to lose, when banks do not offer the most enhanced security measures to their clients before attacks happen not after.
Want to learn more?