Blockchain: How to Avoid a Data Breach
<p>We live in digital times, accelerated by the need to structurally change the way businesses, institutions, events and organizations run in a pandemic-induced world. While digitization in the business world has many benefits, including connectivity, remote and flexible work, operational efficiency, communication and data storage, it’s imperative to use these technologies and virtual platforms carefully to avoid a data breach. A lack of digital best practices can attract fraud, malpractice and litigation while losing clients, revenue and respect.</p> <p>Social psychologist Stanley Milgram is known for coining the term “<a href="https://hbr.org/2003/02/the-science-behind-six-degrees" target="_blank" rel="noreferrer noopener">six degrees of separation</a>” from the hypothesis that just a few intermediaries connect everyone on the planet. Thanks to the interconnected digital world we live in, the idea of “1 degree of separation” is certainly within reach. But this connectivity can be taken advantage of by fraudsters, cybercriminals and hackers.&nbsp;</p> <p>Here we discuss five real-life cases of companies who experienced data leaks, theft and breaches, unfortunate examples highlighting the need to secure and protect the data you collect and hold.&nbsp;</p> <figure class="wp-block-image size-large"><img loading="lazy" width="1024" height="535" src="https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1931406860-1024x535.jpg" alt="" class="wp-image-11792" srcset="https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1931406860-1024x535.jpg 1024w, https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1931406860-300x157.jpg 300w, https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1931406860-768x401.jpg 768w, https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1931406860.jpg 1200w" sizes="(max-width: 1024px) 100vw, 1024px" /><figcaption>Secure and protect the data you collect and hold</figcaption></figure> <h2>1. The National Health Service (NHS) &#8211; UK (2018)</h2> <p>In 2019, it was uncovered that <a rel="noreferrer noopener" href="https://www.lawyer-monthly.com/2020/10/one-year-on-from-the-greater-manchester-nhs-data-breach-what-we-know/" target="_blank">staff within the NHS had been exploiting the patient records system</a>, and not for the first time. They had been accessing private and sensitive data from more than 2,000 patients for more than 18 months before it was uncovered. Data leaked included names and email addresses and some victims of this harmful data misuse could be eligible to receive up to £30,000 in compensation each, an incredibly costly data breach for all parties.</p> <h2>2. The Health Service Executive (HSE) &#8211; Ireland (2021)</h2> <p>A ransomware attack on the HSE’s servers accessed and <a href="https://www.irishtimes.com/news/crime-and-law/hse-confirms-data-of-520-patients-published-online-1.4578136" target="_blank" rel="noreferrer noopener">published sensitive information relating to 520 patients</a>. Correspondence and other corporate documents were amongst the data published and the cyberattack will cost the HSE at least €100 million. Since the data publication, people have been receiving phone calls from fraudsters claiming to be from the HSE or Department of Social Protection attempting to extract money.&nbsp;</p> <h2>3. Magellan Health Data Breach &#8211; USA (2020)</h2> <p>A Fortune 500 company, <a href="https://healthitsecurity.com/news/magellan-health-data-breach-victim-tally-reaches-365k-patients" target="_blank" rel="noreferrer noopener">Magellan Health, fell victim to a ransomware attack </a>where the sensitive data of over 365,000 patients, including health insurance account data and treatment information, were accessed. The phishing attack allowed the hackers to gain access to a single corporate server, implement their ransomware and wreak havoc.</p> <h2>4. Aadhaar Data Breach &#8211; India (2018)</h2> <p>This was one of the largest data breaches in the world at the time. The personal information of over 1.1 billion Indian citizens, stored on a system run by a state-owned utility company, was accessed. This breach exposed names, identity numbers, bank details, thumbprints and retina scans of almost each Aadhaar holder. Not only did this cyber attack unlawfully access this information, but the criminals sold access to the massive database on the dark web, allowing those who paid to download names and ID numbers of the Aadhaar registered citizens.&nbsp;</p> <h2>5. Facebook &#8211; Global (2021)</h2> <p>The networking site has been a notable “victim” to large data breaches over the years. For example, in April 2021, <a href="https://www.theverge.com/2021/4/4/22366822/facebook-personal-data-533-million-leaks-online-email-phone-numbers" target="_blank" rel="noreferrer noopener">personal data from 533,000,000 Facebook users was leaked</a> from the social media platform. Data exposed included phone numbers, DOB, locations, past locations, full name and email addresses and was made available to whoever wanted it for free.</p> <h2>How To Avoid Data Breaches</h2> <figure class="wp-block-image size-large"><img loading="lazy" width="1024" height="535" src="https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1361000201-1024x535.jpg" alt="" class="wp-image-11789" srcset="https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1361000201-1024x535.jpg 1024w, https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1361000201-300x157.jpg 300w, https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1361000201-768x401.jpg 768w, https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1361000201.jpg 1200w" sizes="(max-width: 1024px) 100vw, 1024px" /><figcaption>To mitigate data breaches entirely, we can stop them from occurring in the first place</figcaption></figure> <p>Data breaches result in loss of trust, tarnished reputations, adverse reactions, weakened relationships, financial suffering and loss of clients. When entrusted with private and sensitive information, the duty to protect and store it securely is very important. This responsibility should not be an afterthought but a reliable and efficient preventative process.&nbsp;</p> <p>To mitigate data breaches entirely, we can stop them from occurring in the first place. You can restrict employee access to sensitive information and audit how information is accessed, encrypt stored data and networks and strengthen passwords as preventative measures. Organizations that don’t have these security measures in place can face hefty fines down the line. Many industries like recruitment and healthcare have moved towards blockchain for the many benefits it offers.&nbsp;</p> <h2>What is Blockchain Technology?</h2> <p>What exactly is it? Blockchain is a digital record of transactions. On a basic level, digital transactional information (the “block”) gets stored, decentralized, in a public database (the “chain”). Originally associated with Bitcoin and cryptocurrencies, many industries, like recruitment, healthcare and education, now <a href="https://www.trueprofile.io/partner/resources/6-ways-for-recruiters-to-improve-their-data-security" target="_blank" rel="noreferrer noopener">use blockchain to improve data security</a>.&nbsp;</p> <p>As a ‘decentralized’ technology, each party involved has to give consent before a new digital transaction is added to the network and, once added, cannot be altered. Blockchain cannot be controlled by one single individual and so that makes things very difficult for hackers to gain access, corrupt, or distribute the data. Cybercriminals cannot edit or overwrite a blockchain network, as cracking the network is virtually impossible. This transparent means of storing data makes for safe, fast and trustworthy transactions.&nbsp;</p> <h2>Our Blockchain-First Approach&nbsp;</h2> <figure class="wp-block-image size-large"><img loading="lazy" width="1024" height="535" src="https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1894505215-1024x535.jpg" alt="" class="wp-image-11790" srcset="https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1894505215-1024x535.jpg 1024w, https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1894505215-300x157.jpg 300w, https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1894505215-768x401.jpg 768w, https://production-prod-trueprofile-blogassets-origin.s3.ap-southeast-1.amazonaws.com/uploads/2021/06/shutterstock_1894505215.jpg 1200w" sizes="(max-width: 1024px) 100vw, 1024px" /><figcaption>We use blockchain technology to store the validity of our Members’ documents</figcaption></figure> <p>TrueProfile.io has always taken a blockchain-first approach to give applicants complete control over their documents. Our recent blockchain partnership with <a href="https://matic.network/" target="_blank" rel="noreferrer noopener">Matic</a>, a side chain of Ethereum, offers many benefits for our Partners, including improved scalability, faster confirmations and lower transaction fees. </p> <p>In addition, we use blockchain technology to store the validity of our Members’ documents. Any of our Partners in possession of a Members’ <a href="https://www.trueprofile.io/partner/resources/what-is-a-trueproof-2" target="_blank" rel="noreferrer noopener">TrueProof</a>, a verified document, can securely verify the document’s authenticity against the blockchain. This method defeats the need for employers and educational institutions to continually process verification requests each time a professional or alumni apply for a new role. </p> <p>Our use of user-centric and technology-led data storage allows hiring companies to focus on the most critical task at hand — hiring the best candidate for the role.&nbsp;</p> <h3>If you are looking to hire pre-verified staff or want to find out how to verify new employees:</h3> <ul><li>visit our dedicated <a rel="noreferrer noopener" href="https://www.trueprofile.io/partner" target="_blank">Partners</a> area</li><li>request your free 7-day trial of <a rel="noreferrer noopener" href="https://lp.trueprofile.io/recruit-medical-staff-free-trial/" target="_blank">TrueProfile.io Recruiting</a> today</li></ul> <p></p>