London`s Metropolitan Police announced bolstering cybersecurity measures after one of its suppliers detected a data breach.
A contractor responsible for printing warrant cards and staff passes was the target of a cyberattack.
Data belonging to 47,000 officers and police staff was, reportedly, exposed in the data breach. Counter-terrorism units, high-ranking officials, and officers involved in top-secret operations or assigned to protect the Royal Family were among those affected.
Commissioner Sir Mark Rowley and Deputy Commissioner Dame Lynne Owens are on the list of people whose data had been stolen.
Stolen Data and Future Risks
Metropolitan Police`s stated that the supplier did not have access to addresses, phone numbers or financial details. However, it did hold names and ranks, photos, vetting levels and pay numbers of officers and other police staff.
Given the roles we ask our colleagues to undertake, significant safeguards and checks and balances should have been in place to protect this valuable personal information which, if in the wrong hands, could do incalculable damage.
stated Rick Prior, Vice Chair of the Metropolitan Police Federation.
The organization warned its personnel about the risks that may arise due to the data breach. One such risk is the possibility of undercover officers having their identities compromised. Withdrawing them from ongoing operations as a safety measure could undermine critical police work.
Top Measures to Prevent Data Breaches and Protect Sensitive Data
Databases are critical, sensitive assets, so hackers will always have their eyes on them. So, in order to protect your organization`s data properly, enforce the following data breach prevention measures:
- Enforce data encryption.
- Use an automated patch management solution so you make sure all software is updated and known vulnerabilities are patched.
- Follow an endpoint security best practices checklist. Are all the items on it checked?
- Enhance security measures of your cloud environment.
- Educate employees on how to recognize a phishing email and enforce a password policy.
- Include a DNS filtering solution to block all malicious communication and stop hackers from accessing or pulling data out of your system.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.