We have heard a lot of gossip about the latest security breach suffered by companies like PageUP and Flightradar24 last month. The cyber havoc suffered by the human resource management company or so as to say ‘Cloud based Software-as-Service’ provider pageup is now on a limelight.
As mentioned in the official page of 'PageUp', "PageUp delivers HR software that helps your employees reach their full potential, anywhere in the world." So, various industrial sectors including corporate organizations, financial organizations, universities, healthcare group and other such organizations which included Reserve Bank of Australia, Commonwealth Bank, National Australia Bank(NAB), Australia Post, Australian Broadcasting Corporation (ABC), Medibank, Australian Red Cross, Bupa, University of new south wales (USNW), Australia National University(ANU), Macquarie University, Charles Sturt University (CSU), Lindt, Australian Gas Light (AGL), Tatts group, Aldi, Wesfarmers group’s acquisition including Coles, Kmart, Target, Officeworks and various other such organizations were dependent on the HR management service provided by the PageUP and were a part of the security incident that occured on May.
The immense use of online internet based systems has made our work easier and time saver at most of the cases. These types of online based systems have gave us many opportunities and made our work efficient, however they have always lacked something or the other and in this case, it was ‘Security’. The ‘Trust’ that the users have on these type of online based system is tremendously high. People feel safe and share their private informations with some third party thinking that their information is in the right hands and these companies would safeguard their information. Nevertheless, this has not been the case. Private and crucial information including email id, passwords, date of birth, phone number, physical home address, nationality, passport numbers, driving license numbers, card details, bank details, tax file number, superannuation details, past and present employment history and others such information could have been exposed to the cyber criminals in the recent breach.
Any information that we hold and share about us is very critical either it be our date of birth, home address, phone number, email id, personally identifiable information(PII) including citizenship id number, passport number, license number, tax file numbers, bank account details and others such information could be used against us to cause a harm either physically or virtually.
So, what would cyber criminals do with my personal information?
This could be the curious question that most of us might have in mind. Well, the cyber crooks are surely to generate huge sum of money from such compromised personal information. Phishing, vishing or smishing scamers are mostly likely willing to get such information for various fraudulent activities. Advertising companies might want to get such information to target their advertisement to a specific group of people living on certain locality or such. Criminals might use such financial information to extract money online or physically. Cyber crooks might sell such data to criminal gangs and create identity theft and cause severe catastrophe on an individual's life. If such similar evilness would happen then, sky's the limit for those crooks.
Technically speaking, such critical personal information of an individual on the dark web is worth nothing more than five dollars, and yes there are peoples who are interested in buying these informations.
People might be able to change their usernames, passwords, email id, people might change their bank card details but information like date of birth, mothers maiden name, their working history(resume informations) these are like the biometrics - fingerprints; nothing can be done neither can be changed, once it is gone is gone forever. Until and unless we do not create a cyber aware netizens, make use of proper technologies in a proper manner, these sort of activities would never stop from happening.
In conclusion, PageUP was just another example. There could be thousands of such similar organizations that provide such services and hold critical personal information of millions of people. Still, hundreds of them could be vulnerable to similar hack. Lets not forget that, Ashley madison, Equifax, Cambridge Analytica and others such breach were once a history. If even after all these years of lessons we have learned and cannot safeguard the information of individuals who completely trust and provide their details to such companies, and in the end
their trust gets exploited into the blue then all of our presence in this virtual world of computer networks could be doomed.
Are other such companies, private and government organization working hard to protect their netizens private data?
Finally, the question is that “Is our information in this era, in a perilous state?”