Nov 21st, 2013

These days, it seems like hardly a week goes by between devastating data breaches. Despite the heightened awareness that business leaders now possess concerning the danger posed by cybercriminals, countless firms have still yet to upgrade their data protection efforts to minimize the risk that sensitive corporate information will be lost, stolen or exposed. Only by investing in and deploying high-end solutions, such as secure file transfer tools, can businesses truly ensure the integrity of their networks and data.

The latest example of a data breach caused by lax security standards struck the Australian-based online dating company Cupid Media. This breach, which occurred in January but was only recently confirmed, has exposed the information of tens of millions of customers, putting them at serious risk.

A major breach
The breach was discovered by security reporter Brian Krebs. He found a vast trove of Cupid Media data on a cybercriminal server that was also used to store information stolen in the recent Adobe data breach.

This stolen data included passwords, user names, email addresses and birth dates for approximately 42 million Cupid Media customers.

Critically, these passwords were not encrypted, meaning that any cybercriminals who gained access to this information would immediately gain the ability to utilize affected users' accounts. This put Cupid Media users at tremendous risk of identity theft and fraud.

In response to an email from Krebs, Andrew Bolton, Cupid Media's managing director, indicated that the organization "detected suspicious activity on our network and based upon the information that we had available at the time, we took what we believed to be appropriate actions to notify affected customers and reset passwords for a particular group of user accounts."

However, InformationWeek noted that when Krebs contacted a sampling of affected users, many were still using the passwords they had in place at the time of the breach.

Furthermore, the news source noted that Cupid Media claims to have 30 million active customers around the world, using 30 different dating sites. Considering that 42 million users' information was stolen, this suggests that some of those affected by the breach were former customers.

Protecting customer data
As this incident highlighted, poor security procedures have the potential to lead to devastating consequences. While it is obviously too early to determine precisely what impact this breach will have on Cupid Media, it is likely that the effects will be both far-reaching and long-lasting. Millions of users will or already have received notifications that their information has been exposed, putting them at risk. They will undoubtedly have a negative impression of the company as a result, and will likely not only look elsewhere for similar services, but encourage friends and family to do likewise. And for years, potential customers are likely to come across this event when researching the organization.

By investing in high-end, robust security solutions, such as secure file transfer tools, firewalls, antivirus and anti-malware programs, businesses can greatly reduce the risk that they will suffer the same fate.