![]() ![]() If the Plex data breach occurred though a compromised third-party a Vendor Risk Management solution could preemptively detected potential vendor vulnerabitliies that could facilitate such breaches. Implement a Vendor Risk Management Solution Network activity could be monitored with free tools like Wireshark.ĭata log documentation is a security control that could support compliance with cybersecurity regulations like HIPAA. Keeping an updated record of all asset access logs could alert you to suspicious network activity and also prove that appropriate response actions were taken in the event of a data breach investigation. Nevertheless, even with the limited amount of information that’s available, some important cybersecurity lessons can be learned from the Plex data breach 1. The company stored passwords securely, they rapidly detected and stopped the cyber attack, and, most important of all, the company notified its customer of the data breach within 24 of the event being discovered - a stark contrast to Cash App who waited four months before advising its users of a data breach. With the limited information currently available about the incident, it seems like Plex followed good cybersecurity practices leading up to and following this data breach. Plex data breach announcement sent to customers. Out of an abundance of caution, Plex has urged its users to reset their passwords immediately. Compromised data included:ĭepending on the degree of encryption, compromised passwords could take years, or even centuries, to crack with password discovery methods. The data breach impacted 30 million Plex users. Both scenarios are speculations that haven’t been confirmed by Plex. The term tunneling is also associated with VPN compromise, like the event preluding the Uber data breach. Tunneling references are usually descriptive of third-party breaches - when a data breach occurs through a compromised third-party vendor - which would align with Plex’s admission that the attack was facilitated by unauthorized third-party access. According to Plex, cybercriminals “tunneled” their way through sophisticated cybersecurity mechanisms to gain access to sensitive customer data. The specific attack vector that facilitated the breach hasn’t been disclosed. Plex was breached by an unauthorized third-party gained who gained access to a proprietary database. ![]()
0 Comments
Leave a Reply. |