Experts and cybersecurity professionals continue their analysis of the GetHealth Exposure. Find out what they had to say here.
Yesterday, we covered the GetHealth Exposure; a platform misconfiguration resulted in 61 million records being exposed from across multiple fitness services and applications. The data exposed includes names, dates of birth, weight, height, gender, and GPS logs, some of which could be considered sensitive.
Yesterday’s article included expert commentary, but we’ve received an influx of opinions since, so we decided to bundle our favorites here.
More Expert Commentary and Coverage of the GetHealth Exposure
Pravin Rasiah is VP of Product at CloudSphere.
“Companies collecting and storing sensitive customer information must be hypervigilant in protecting all of the data they collect. Leaving a database exposed without a password or authentication to prevent unauthorized entry is a surefire way to endanger customer information and potentially damage a brand’s reputation. It is crucial that enterprises have the ability to identify security flaws in a timely manner so that sensitive data such as names, birthdates, and GPS logs stay out of the hands of malicious actors. A missing password is often the result of a lack of awareness of the constantly changing cloud environment. Without this visibility, it is far too easy for even basic security measures to lapse or be misconfigured. Companies should invest in automation for cloud governance that enforces security guardrails via policies that can prevent or remediate issues in real-time.”
Troy Gill is Senior Manager of Threat Intelligence at Zix | AppRiver.
“Data has become the gold of the digital age, and we owe it to our customers and employees to ensure that it’s always protected. GetHealth’s exposure of potentially sensitive data left millions vulnerable, and although they responded quickly after the exposure was detected, it’s hard to tell who may have accessed the information while it was available.
It was found that the database hadn’t been password-protected, which may not have been enough to stop a hacker itself in the first place. In addition to guarding information with passwords, organizations must follow a few best practices to keep information secured, such as regularly updating passwords, ensuring that passwords are not recycled among services, and adding an extra layer of security by adopting two-factor authentication.
To avoid simple errors that could lead to attacks and data theft, organizations should also make it a habit to deploy regular security audits to identify vulnerabilities and other suspicious behavior, allowing them to ensure sensitive data is routinely being backed up.”
Anurag Kahol is CTO and Cofounder of Bitglass.
“Gartner predicts global security spending will reach $150.4 billion by the end of this year, yet organizations are often plagued by easily preventable security mishaps—such as leaving databases exposed without any authentication controls in place. In this case, the database’s lack of authentication caused 61 million records containing personally identifiable information (PII) to be publicly exposed online, putting victims at risk of identity theft or being targeted in phishing schemes.
To properly protect valuable data from exposure, organizations must obtain full visibility and control over their entire IT ecosystem. As such, they must equip themselves with robust and multi-faceted cybersecurity platforms like secure access service edge (SASE) that provide multi-factor authentication (MFA), cloud security posture management (CSPM), user and entity behavior analytics (UEBA), and data loss prevention (DLP) capabilities. With a unified solution, organizations can defend customer data in real-time.”
James Carder is Chief Security Officer at LogRhythm.
“The exposure of over 60 million records containing user information highlights the importance of ensuring the appropriate protections are in place to secure sensitive and invaluable customer information. Securing customer data should be a top priority for any company and it’s disappointing to see records containing private information like weight, fitness history and GPS logs left unsecured, without the most basic security protections, for cybercriminals to access freely and easily. In addition to being used for fraud, this data can be used in other attacks, some that could even be physical based on the disclosure of GPS data that could provide an attacker with knowledge of where you live, your travel patterns and when you are home or not home. This information could also be used to extort those that may not want sensitive information like their weight exposed to the world.
Unprotected databases left exposed online such as this can be avoided. Because simply having a password for a database isn’t enough to protect information, companies housing sensitive information must step up their security strategy and invest in solutions that automatically detect malicious behavior and enable network infrastructure to proactively thwart unauthorized access attempts. Companies should ensure they have the appropriate protections for the type and classification of the data they house and are expected to protect. To have a database that is internet accessible from anywhere without even a password to protect against unauthorized access to the data is just a failure in the most basic security controls.”
Josh Rickard is Security Solutions Architect at Swimlane.
“Platform misconfigurations, like those in the GetHealth database, can have long-standing and upsetting repercussions, even after exposed records have been restricted from public access. In this case, 61 million records containing personally identifiable information (PII)–such as names, birthdates, gender and personal health information–have been exposed to the public and violated victims’ privacy.
Although data exposures such as the GetHealth exposure are becoming increasingly frequent, organizations can prevent similar situations and protect valuable human data by centralizing and automating their current security threat detection, response and investigation processes into a single platform. The implementation of a SOAR solution allows for real-time security automation to respond to incidents and execute the appropriate security-related tasks. With comprehensive security automation, the chance for human error is eliminated and customers remain protected.”
Thanks to these experts for their time and expertise on the GetHealth Exposure. For more on preventing these kinds of exposures, check out the SIEM Buyer’s Guide.
- More Expert Commentary and Coverage of the GetHealth Exposure - September 14, 2021