Saudi oil giant, Aramco, is currently battling a cyber-extorsion campaign involving a $50 million ransom and 1 terabyte of leaked company data.
The data was found published on the darknet - an encrypted sector of the internet supporting clandestine illegal operations.
Aramco says that the data was hosted by one of its third-party contractors and that this incident was not a result of a cyberattack or a data breach. It’s, therefore, speculated that overlooked data leakage was to blame
What’s the difference between a data breach and a data leak?
A data breach is the result of a planned cyber attack targeting sensitive data, a data leak is the accidental exposure of sensitive data.
When cybercriminals discover a data leak, it could arm them for a devastating data breach, or in this case, a momentous cyber-extorsion campaign.
At this point, it’s understood that unidentified cybercriminals discovered one of Aramco’s vendors leaking data, seized it, and then offered Aramco the chance to have it deleted in exchange for a ransom payment of $50 million in cryptocurrency.
It’s not yet known how Aramco plans to respond.
Data leakage is, unfortunately, a prevalent vulnerability. A recent study by UpGuard found that 36% of surveyed companies unknowingly suffered a data leak in the last year, and that data leaks increased by 25% in the ASX 200 since 2019.
Third-party breaches account for almost 60% of data breaches. By shifting the focus to shutting down events that could develop into breaches - vendor data leaks - the provocative trend of third-party breaches could be severed by more than half.
This novel approach to data breach prevention could, one day, save you $50 million.