“Collection #1” Data Breach Details
As we see cyber more and more attacks by hackers happening almost every day now, where many users are either losing their accounts or being wronged by these attacks, they end up suffering heavy outcomes that are related to their loss of privacies. Most recently, we encountered with yet another attack where more than 770 million records, including e-mail addresses and passwords of internet users, were exposed in a data breach.
This week, Troy Hunt has publicized a new data breach affecting nearly 773 million records of users. Hunt said this large collection of files which could be the largest breach yet to be made public, were collected from a number of breaches and uploaded to popular cloud service MEGA. The collection is approximately 87GB of data and more than 2.6 billion lines. Hunt has pointed to a root folder, Collection#1, including 21 million passwords at a popular hacking forum and has called this data breach with the name of this folder, collection1, since the expanded folders and file listing give us a sense of the nature of the data breach.
MEGA Data Breach, one of the largest attacks to the computer networks in data history, shows the vulnerability of existing cybersecurity measures, despite the developing technology. As the waves of data breaches continue to damage the databases, it is necessary to find new ways to protect the digital data stored on local machines or cloud services.
Although it is not possible to deny the importance of existing measures such as using strong passwords, putting a firewall and using security software, most of these measures for providing cybersecurity is now challenged by the “innovative” attackers thanks to the developing technology. However, somewhat paradoxically, even if the developing technology enabled the hackers to be more professional in their work, the latest developments in technology like the blockchain infrastructure can provide the new opportunities for overcoming the data breaches altogether.
With the developing technology, we do all our work on the internet, ranging from bureaucratic transactions to shopping, by registering at many websites with our precious e-mail addresses and private passwords. However, we register at so many sites that most of the time we forget which one we signed up for. Usually, people have no idea whether cyber-attacks on these websites have affected them or not. A security researcher Troy Hunt has set up a special platform on Dec 4, 2013 , Have I Been Pwned (Bear in mind that this website is not promoted or recommended, it is just a service that you may use with your own discretion) that enables internet users to check if their personal data has been attacked by hackers. The service collects and analyzes hundreds of database dumps and the information about billions of leaked accounts to allow users to search for their own information by entering their username or email address. Many users can see a list of all known data breaches with records tied to that e-mail address. Furthermore, they can also sign up to be notified if their email address appears in future dumps.
Blockchain Technology for Cybersecurity
Blockchain technology can ensure that data cannot be damaged, stolen or lost through its infrastructure which is consisting of distributed and decentralized networks. In this technology, a verified piece of data forms a block, and after that, it is added to the chain and the added data cannot be altered or removed from the chain thanks to the cryptography as the users can look at previous versions of a block to identify the difference in the latest block. In these decentralized record-keeping mechanisms, when a hacker tries to tamper with a block, the whole system analyzes every single block of data to detect the one that differs from the majority of the network and as a next step, it immediately excludes “false” data from the chain.
Even if a hacker attempts to destroy the data stored on every user ‘s computer in the blockchain network, it is a very challenging task because of the existence of millions of computers with a complete set or part of data, unless the hacker can simultaneously bring down the entire network. Since this is mathematically almost impossible, the blockchain network can avoid being subjected to the risk of getting attacked by hackers. Therefore, we can consider the blockchain technology the most secure form of storing and sharing information online that we’ve discovered so far. That’s why most of the companies in different sectors have started to embrace blockchain technology to prevent fraudulent activity and increase data protection.
Colendi against “Fraud”
Colendi, credit scoring and microcredit platform, is one of the companies that can prevent fraud and protect its customers’ wide range of data thanks to the blockchain technology. Colendi provides a self-sovereign and mobile credibility identity for the users with the help of its highly developed credit scoring mechanisms. Colendi ID is users’ self-sovereign digital identity including their relevant information in a private and protected model working on the decentralized Ethereum Blockchain. When a user logs in to the Colendi application, only their Colendi ID is shared with the users on the network to keep the entire data private. It means that access to identity parameters is only possible by user-owned smartphone and a private key that was given to the user during registration.
Colendi also creates a mechanism preventing “fraud” as well as creating decentralized scoring. Both real-time and historical data are processed via intelligent algorithms in each node. Therefore, unreliable users, as well as fraud operations, are also detected instantly to enhance overall security and reliability of the protocol. One of the main tools enhancing the security to achieve “economic finality” in the Colendi ecosystem is slashing mechanism. This is a penalty mechanism for the bad actors who are made to serve as an extra safety measure. Colendi introduces slashing conditions to protect each party as well as the protocol from any imposture and privacy-violating act and to enable the data integrators to provide the congruity of their networks until the completion of the validation of each persona in the ecosystem. With a rounded solution to data hacks, an easy to use interface and a solution for the unbanked, blockchain projects like Colendi will mark the beginning of a new era of private data handling and complete security.