What you'll learn in this article:
- What the different types of data on uBreach are
- What the data on uBreach means to your organisation's security
- How to use uBreach data to help protect your organisation
What the different types of data on uBreach mean to your organisation's security
These will be present in every breach that is visible on uBreach, as your users' emails are used to find their exposed credentials. An attacker having the email address of one of your users is not generally a risk in itself, as this is likely to be public information anyway.
If a user has had their password exposed in a breach, it is likely to be a more major cause of concern. If the password has been cracked, it will have allowed an attacker to access the user's account on the service on which the breach happened. More importantly for you, however, is that a very high proportion of people reuse their passwords across online services. This means that your user could be using that same password to protect their company email account or any of their other business logins, causing a risk to your business network.
IP addresses - the unique numbers associated to every device that connects to the internet - sometimes appear in breaches. This will have happened when a service stores the IP addresses that their users log in from. Knowing your company's IP addresses could help an attacker launch an attack such as DDOS, but as IP addresses are fairly easy to harvest, having them exposed in breaches does not necessarily cause a significantly heightened risk to your organisation.
Personal details including birthdays, job titles etc.
Any personal details that are exposed in breaches cause a heightened risk of phishing and social engineering. An attacker could use information like one of your users' birthdays in order to help them pretend to be someone within the organisation. Exposed personal information also causes a high stolen identity risk, which could allow an attacker to bypass security protections to access the users' accounts.
Protecting your organisation
If you notice that one of your user's passwords has been exposed in a breach, this creates an immediate risk to you and your user due to the chance of them reusing passwords. To protect your organisation and your user, you should ensure that they change their passwords and do not reuse them in the future.
Any other type of information that is exposed about your users will increase the risk of phishing. If any of your users have had personal information exposed in breaches, they should be alert about anyone trying to access their accounts with their stolen identity. All your other users should also be alerted about the risk of an attacker using the exposed information to pose as the user in an attempt to infiltrate your organisation's network.