Social media data breaches expose top tech companies’ vulnerabilities
Tech giants are vulnerable to a new type of data breach that exposes the identities of their users and allows hackers to access data, researchers at Symantec and Kaspersky Lab have found.
In their research published Monday, researchers used Symantech’s own Threat Intelligence software and Threat Scanner to identify data breaches in the top five social media companies.
They then analyzed data on 6,822 accounts and 4,857 employees for data breaches.
“The researchers found a very large number of companies that are vulnerable,” said Kasperski Lab founder and CEO Eugene Kaspersko.
“There is no doubt that we have to be on the lookout for these types of breaches, and we are working with the top leaders of those companies to improve their practices to reduce the risk.”
The researchers noted that some of the data breaches they identified could be related to a previous breach.
However, Symantek and Kablesk did not identify any specific attackers.
Kaspersky said the companies that had more data breaches than SymantEC had more than 20 percent of the world’s population, but the researchers found that only 20 percent had enough data to determine who the victims were.
The researchers said they also found that some social media firms use different systems for protecting their users data, so they were not necessarily as secure as they should be.
In the case of Kasperskaya’s data breach, the company said the hacker gained access to the accounts of more than 40 million people, and that the company did not believe it was connected to the previous incident.
Symantec, however, said it had found that the attackers may have used a technique called DDoS attacks that allowed them to steal credentials for the affected companies.
The company said that it is also working with government officials and law enforcement to identify those who may have breached Symantems security.
“We are constantly working to ensure that our data is secure, and in the coming days we will release an update to our Threat Intelligence and ThreatScanner to help us make that happen,” Symanteck said.
Kremlin-controlled media outlet Russia Today also said that the data breach affected more than 10 million accounts.
The findings are in stark contrast to Symantebot, which reported in October that it had uncovered 2.8 million breaches over the past three months.
That publication said the company had detected 2.1 million data breaches that had not been reported by Symantemes security.
In a statement Monday, Symanticech said the findings of the researchers are an important reminder that there are still many ways to be breached, and it urged customers to make sure their social media and online banking accounts are secure.
“These breaches can take different forms, and the company is committed to offering the best protection for our users and partners, including in our industry-leading vulnerability reporting process,” Symanticec said.