On August 31, the mail-order pharmacy provider Posmeds (Truepill) discovered a data breach.
During the investigation of the attack, it came to light that the data of over 2.3 million users was compromised.
A hacker stole personally identifiable user data — including the names of patients and their physicians, prescribed medication, and demographic data.
Luckily, Postmeds doesn’t collect the user’s Social Security Numbers.
Unfortunately, the obtained information was enough for a threat actor to sell on hacking forums or use to target unsuspected users in phishing campaigns.
Since stolen files are already available on the dark web, some users have reported unusual activity on their Venmo accounts.
On October 30, 2023, the company informed affected patients. Many notified customers didn’t even recognize the name of this company. Also, they were surprised that they were notified two months after the attack.
A data breach is a nightmare for any company.
How can businesses reduce the chance of a data breach?
On the first line of defense, there are usually antivirus programs, Firewalls, and Intrusion Detection Systems.
As the company grows (and with it, the volumes of data), it needs more nuanced systems and solutions to deter hackers from compromising sensitive information — such as trusted data loss prevention (DLT) tools.
How does data loss prevention help companies avoid expensive lawsuits and the damaged reputation that follows a data breach? And what else can we learn from the Truepill hack?
Increases Visibility of Personally Identifiable Data
For companies that handle large volumes of data, it can be challenging to tell where all the documents are stored, who has access to them, and whether there are files that should have been removed from their databases.
It gets even more complex within modern cloud and remote environments, where data is shared between networks.
Also, not all of the data is the same. It’s more challenging to safeguard data that is in motion compared to the documents that are stored and at rest.
Some data requires more attention — such as sensitive user information.
The first step of data loss prevention is to increase the visibility of a company’s most important assets. DLT lets them know where the most important files reside at all times.
Then, it continually analyzes data transfers and traffic, enforces pre-set safety policies, encrypts data, alerts of unauthorized activity, and more.
Truepill is scrutinized for not encrypting the data that a hacker might find on their servers. Although they discovered the illicit access early, the hacker was still able to steal the medical information of over 2.3 million users.
Ensures You Meet Compliance With Regulations
While compliance doesn’t equate to hacking-proofing the systems and personal data, it does prescribe the best industry practices that will help you prevent possible data loss.
Compliance elaborates on processes and measures that a business that handles personally identifiable data needs to meet. It keeps its users safe from possible fraud and compromised data.
Which regulatory compliance laws and guidelines a company needs to meet depends on the country. For example, medical companies in the U.S. would form their compliance program based on The United States Sentencing Commission Guidelines Manual.
In Truepill’s case, lawyers are already preparing class action lawsuits in several regions. A major argument they make is that this cyber incident could have been prevented if the company had stronger security that followed the guidelines of the industry.
DLP uses AI and machine learning to enforce a specific company’s compliance rules, ensuring the best practices are always followed.
Protects an Organization Against Cyber Attacks
DLT continually monitors the activity within the network. It alerts the teams if anomalies appear. Someone could be accessing the database at a suspicious time and place or attempting to transfer files outside the boundaries of the network.
Therefore, data loss prevention is an important layer of defense for companies that want to detect and mitigate instructions and cyber attacks early.
To protect their files, organizations combine them with other solutions, such as File Firewalls that regulate access, triple-check security policies, and detect ransom attacks.
Timely attack discovery is integral. The longer the hacker goes undiscovered within your network, the more costly the remediation gets, and more documents are likely to get stolen.
For example, one of the cyber attacks that can result in stolen and later leaked data is ransomware. The malware that locks files. Then, hackers demand ransom to restore access.
These days, ransomware attackers do more than file encrypting. Before encrypting data, they access the network, steal private files, and threaten to leak them online if the ransom is not paid.
The role of data loss prevention in attacks such as ransomware is to prevent the threat actor from transferring any data beyond the internal database of a company.
Truepill was able to uncover unauthorized access early, in as little as 24 hours. After that, they hired cybersecurity professionals to help them strengthen their security, improve protocols, and avoid similar incidents in the future.
This could mean that the company already has security measures that helped them discover the attack on time. For reference, it can take companies over 100 days (or even years) to uncover a data breach.
Data Loss Prevention Matters for All Industries
Healthcare is still one of the top 10 industries that are likely to be targeted by cybercriminals. Others include manufacturing, financial industries, and consumer services.
As more businesses gather sensitive user data, hackers get a larger pool of potential targets to choose from — and more opportunities to steal sensitive data.
Data loss prevention identifies where all your data is at all times. With that information, it can pinpoint whether someone is trying to transfer it outside your network.
Ultimately, it makes sure that your data security protocols follow the best data protection practices prescribed by your industry and helps you prevent data breaches.