Analysis of Recent Security Breaches Draft For milestone 2, you will complete the first few sections of the Portfolio Project. Include and be sure to use the outline already drafted for milestone 1. A

Analysis of Recent Security Breaches Draft

For milestone 2, you will complete the first few sections of the Portfolio Project. Include and be sure to use the outline already drafted for milestone 1.

Analyze a security breach that has occurred in the recent past (within the last three years). In your critical evaluation of the chosen security breach, review and analyze the breach along the following dimensions: 

1. What went wrong?
2. Why did it occur?
3. Who was responsible?

Your paper should meet the following requirements:

• Be 3 pages in length, not including the title page and reference page.
• Follow APA guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
• Support your answers with the readings from the course and at least four scholarly journal articles.
• Cite a minimum of six scholarly sources—academic and peer-reviewed—to support your positions, claims, and observations.
• Be clear and well written, concise, and logical, using excellent grammar and style techniques. 

PORTFOLIO MILESTONE ONE

There was a security breach on Facebook in 2019 discovered in 2021. This security breach was about cybercriminals who breached the Facebook database and accessed the phone numbers of 533 million users with their ID numbers, names, emails, and birthdays. The hackers had exposed the database to the members of the public, and they did this for almost three years. The breach was realized in 2021 by a cyber security firm. The criminals could access personal information each and every time they wanted because they had all the details to log into those accounts. The hackers obtained data from Facebook servers by using a misconfigured phone importer. These criminals could use the asses to commit more crimes using accounts that belonged to other individuals and went unnoticed. Most Facebook users were affected by the problem of their accounts being hacked during this period. They were in control of these accounts and regulated what happened (Choi., 2021).    Most security breaches occur as a result of vulnerability or exposure to databases. There might have existed a loophole to security on Facebook that was identified by these hackers and exploited to access the Facebook servers. Poor management of passwords might have given these criminals access to the servers, thus hacking many accounts (Finnerty et al., 2019). 

The problem is that Facebook cyber security did not realize this for three years, and rather an external firm identified this. This shows that the organization was reckless in maintaining and regularly checking its servers and databases. It is the role of the relevant organization to maintain secure passwords to servers and ensure that their databases are not exposed to criminals. All loopholes that can lead to security attacks should be closed and continually monitored to avoid the loss of relevant data and information within an organization. Misconfigured settings on software, password recycling, and vulnerabilities in software could all lead to a security breach. If an organization does not secure its networks, data, applications, and network, it could be at risk of being attacked. Criminals exploit the weaknesses of an organization to access its information. They exploit systems that might not be updated, thus stealing relevant information. In any organization, it should be ensured that only a few people are aware and can access the passwords because this will reduce the chances of being exposed to risks. If many people can access the server, there might be one who will expose the organization either willingly or unwillingly. The reason why Facebook cyber security agents took so long to realize that their account had been hacked was that many individuals within the organization could access the data, and therefore the chances of noticing were very high, thus increasing the risk (Reshmi., 2021).   

In conclusion, to avoid security breaches, one needs to keep on changing their passwords, back up the files regularly, use strong passwords, secure the computers and avoid leaking the information and passwords to the public. If all the loopholes within an organization are covered, information vulnerability is reduced. Reducing the vulnerability of data, passwords, and devices reduces the risks of being attacked by criminals. The Facebook security agents configured its security details again to minimize this issue because they were attacked because of misconfiguration. They made strong security passwords and backed up all the files hacked. The attack was so big and happened for a long time because they failed to check their servers and databases regularly. The risk within an institution can be managed by checking the security details, including the passwords and all other loopholes oftenly and managing them. Everyone within an organization has to be responsible for the organization's security at all times (Tuttle., 2018).

References

Breier, J., & Branišová, J. (2017). A dynamic rule creation based anomaly detection method for     identifying security breaches in log records. Wireless Personal Communications, 94(3),     497-511.Choi, Y. B. (2021). 

Organizational Cyber Data Breach Analysis of Facebook, Equifax, and Uber     Cases. International Journal of Cyber Research and Education (IJCRE), 3(1), 58-64.Finnerty, K., Fullick, S., Motha, H., Shah, J. N., Button, M., & Wang, V. (2019). Cyber security     breaches survey 2019.Foecking, N., Wang, M., & Huynh, T. L. D. (2021). How do investors react to the data breaches     news? Empirical evidence from Facebook Inc. during the years 2016–2019. Technology     in Society, 67, 101717.Reshmi, T. R. (2021). 

Information security breaches due to ransomware attacks-a systematic     literature review. International Journal of Information Management Data Insights, 1(2),     100013.Tuttle, H. (2018). Facebook scandal raises data privacy concerns. Risk Management, 65(5), 6-9.