Welcome to Cash in the Cyber Sheets. I'm your host, James Bowers, and together we'll work with business leaders and industry experts to dive into the misunderstood business of cybersecurity and compliance to learn how to start making money from being secure and compliant. Welcome to Cash in the Cyber Sheets.
Everybody, welcome back to Cash in the Cyber Sheets. I'm your host, James Bowers, Chief Security and Compliance Officer here at Impact Output. Very happy to have you back here with us today.
Slightly frustrated, excuse me, slightly frustrated, as if you're watching us, you can see the new digs. We've been laying out the new studio, getting everything set up. We're about 50-50 there, and this is actually the third time trying to record this.
Everything looks like it's working well, and then it just, like, crashes on us. So if you're watching and you see me right now, I keep looking over at the screen, because I don't even have all the cords long enough to be able to stay looking at the camera and see what's going on. It's to see if this craps out on us, and if it does, to know where it does so I can fix it and get back in.
So really happy you're here with us. Third time saying this, let's get into it. So today, what I want to talk about is the major data breach, the 16 billion records.
If you've been looking at Facebook, if you've been looking at any news articles, you've probably seen it out there, and what I'd really like to do is dive into what that is, what that means for you, what you maybe should do, and good next steps. Before we get into that, please click that like, click that subscribe. If there are things that you would like us to talk about on the show, or some good wins that you've had with your cybersecurity or compliance program, please leave those in the comments.
We'd love to hear about them. Before getting started in today's episode, though, I do want to talk about something that we're seeing in our comments, something that we're seeing in other comments on other cybersecurity and IT podcasts and forums, and we're removing it when we see it, but just in case you see it in ours or somewhere else, I just want to throw it out there. There's a scam going around that basically says in the comments, hey, listen to the show, great episode, which is a really great comment, by the way.
I would love more of those. Love the show, and this is a bit off topic, but I'm having trouble with my crypto wallet. Here's my seed phrase, I was wondering if you could help me.
Now, if you take that phrase and you put that into your crypto wallet, it's going to give that person access to your account, so don't do it. Again, we're removing these whenever we see them, but in case you see it on our platform before we can remove it or you see it somewhere else, don't put that into your wallet. And if you've got the itchies, you feel like you just have to, whatever you do, please use a burner account.
Don't say I didn't warn you, but honestly, don't do it. It's a scam. Nobody's out there giving free money.
Never happens. Okay. With that said, let's dive into, for the third time, first time for you, third time for me, talking about this big data breach.
Now, you've probably seen on social media, on the news, that there were 16 billion records of access and that they're from Apple, Facebook, and Google. I want to be clear, with the limited information that there is, there's at least enough to know that this wasn't a data breach of a single company. It wasn't Apple, Facebook, and Google, even though there are some apparently Apple, Facebook, and Google credentials in there.
That's not, those companies didn't have a data breach. So, that may change later. We may find out something later, but that's not the case now.
It's also not any other particular company. Here's where it gets weird. When reading about this, when trying to get more information to be able to report to you about it, to speak intelligently, there's not a lot to go on.
When reading about it, it says that a researcher came across an unsecured database that was briefly accessible. And like it stops, like right there, it doesn't say what database, where they found it, what they were doing. It's nothing but, hey, there was a database here, it had 184 million records.
And then, there were actually 30 different data sets, some of those had like 3.5 billion, others had others, and this all totaled up to 16 billion records, which is a sensational headline, but there's no real substance behind it. So, that's kind of weird. It doesn't really say where this was, if it's still accessible, but at some point, it was, and that it could be out there, and that a lot of the articles are saying, oh, you need to go out there and change everything because everybody has access to it, and I don't know about that.
I'm never going to say don't change your passwords, don't update your accounts, but I also don't know if I would act like the house is on fire and immediately freaking out. I'm not going to start running through the town yelling, oh, your passwords are compromised. I just don't think that's the case.
There's obviously a lot of records here, probably a lot of duplicates, stating it's from malware, credential harvesting, and all types of other factors, but if I'm honest, I think that's always been out there. I think it's an aggregate of a lot of accounts, a lot of data breaches, and there's definitely data breaches you haven't heard about. So what I think this actually really means for you, I think good actionable steps here is that you should look at making sure you have good password hygiene, making sure that you're using strong credentials.
If you can, use a passphrase. Making sure you have MFA on every account. Making sure you're reviewing your access logs.
Is there anything that looks weird? And making sure to fully sign out of accounts so you refresh those tokens when you sign back in to help prevent any type of persistent access. If you're not doing it, I think this is a great time to, one, go through and review all of at least your critical accounts. Is there anything that's weird there? Do I have MFA? Do I have logging set up? Do I have a backup MFA? What you don't want to do is get stuck using a single authenticator on your phone, and if that ever gets broken or you have to get a new phone, now you've lost your MFA.
It can easily create a single point of failure unintentionally. One thing that we like to use is YubiKeys. If you're not watching the episode, you're just listening, you're not seeing me actually show it, so you're lost.
You're also not getting to see me, so double your loss. But using the YubiKeys is great because you can create backups. I've got one here.
I've got one in a vault. I've got one in another place. So I'm not worried about a single point of failure with the multifactor, and if my password is compromised, you still need this bugger to be able to get into the accounts.
If you can't, use passphrases. Go through, if you haven't in a long time, and check all of your critical accounts. Are they locked down as much as they can be? Do the user access audit, and if you're in there and you haven't changed the password in a while or you're in there and you can really easily enough, go ahead and change the password.
Make sure you're not duplicating any accounts. That's the advice I would give you. I don't know if I would freak out and start losing my mind over this.
I would definitely use it as a good reminder to do good password and multifactor hygiene, good access controls, good logging and monitoring, and use this as a kick in the rear to go double check those things. In the description, I'll go ahead and put some of our infographics, good resources that we have around password management, MFA. I think we've even got one in there about performing a good user access audit.
Like I said, I think this is a good time to go do that. We'll definitely report on anything new that we see around this if there is any more information, but as of right now, it's really just a lot of, we saw a lot of credentials in this unsecured database, and we can't say from where and when. I don't know.
It's really weird reporting. In any case, do your good due diligence. Make sure you're secure out there.
If you need any help, reach out to us. Leave us some comments. Leave us some likes, and until next time, thanks for listening.
Thanks for joining us today. Don't forget, click that subscribe button, leave us a review, and share it with your network. Remember, security and compliance aren't just about avoiding risk.
They're about unlocking your business's full potential, so stay secure, stay compliant, and we'll catch you next week on Cash in the Cyber Sheets. Goodbye for now.