Ryan Wilk, Vice President, Customer Satisfaction, NuData Security reacts: "This is the fourth exposure of sensitive user PII data on an unsecured server in less than a month. This mishandling of trusted data proves that just about anyone can obtain personally identifiable data to create fraudulent identities for account takeovers, opening lines of credit, or fraudulently buying products and services. Hackers use this information to form profiles of individuals that can be sold on the Dark Web and re-used across many sites at scale.
It’s important to note that these exposures are open vulnerabilities that almost anyone can access. It doesn’t take sophisticated hacking skills to access an unsecuredserver – fraudsters just need to know where to look. Companies that handle personal data need to up their game, not only by being vigilant about server security but also by incorporating the latest technologies to protect their consumer accounts. Advanced techniques like passive biometrics and behavioral analytics identify users by their personal behaviors, which can’t be mimicked by bad actors – even if these leaked but legitimate credentials are presented. The true value lies in the fact that even if consumer information is stolen, it worthless to anyone but the authentic user.