Angel One, a prominent Indian stockbroker firm, has reported a data breach after being alerted by its dark-web monitoring partner about a data leak. The breach was traced back to the firm’s AWS resources, which were compromised, leading to the leakage of sensitive information. Upon discovering the issue, Angel One acted swiftly to mitigate the threat by changing all relevant AWS credentials immediately to prevent further unauthorized access.

The firm is currently conducting a thorough investigation to determine the full extent of the breach and its potential impact on customers and operations. In addition to their internal efforts, Angel One has engaged an external forensic partner to validate the scope of the incident, assess the damage, and perform a comprehensive root cause analysis to understand how the breach occurred and implement corrective measures to prevent future incidents.

In a press release, Angel One stated, “We value the data privacy of our clients and as an immediate measure, we have engaged an external forensic partner to validate and investigate the impact of this incident and its thorough root cause analysis. We have verified that this breach does not have any impact on client’s securities, funds and credentials; and all our client accounts remain secure. We continue to investigate this further to assess its potential impact, if any, and are making this disclosure as a matter of good governance.”

News of Data Leak leads to drop in Angel One’s Share Prices. India has one of the strictest laws for reporting cyber incidents. The law mandates that organizations must report any data breach or cyber incident to the Indian Computer Emergency Response Team (CERT-In) within a specified timeframe, usually within 6 hours of detecting the breach. This regulation ensures timely response and mitigation of cyber risks, while also holding organizations accountable for the security of their data. Additionally, companies must implement stringent data protection measures, and failure to comply with these regulations can result in severe penalties, highlighting India’s commitment to strengthening cybersecurity.

Here are a few key steps to safeguard against data breaches through cloud-based resources:

1. Implement Strong Access Controls: Use multi-factor authentication (MFA) and enforce strict role-based access controls (RBAC) to ensure only authorized users have access to sensitive data in the cloud.
2. Encrypt Data: Ensure that all sensitive data is encrypted both at rest and in transit. This adds an extra layer of protection in case of unauthorized access.
3. Regularly Update and Patch: Keep cloud systems and resources up to date with the latest security patches to protect against known vulnerabilities.
4. Monitor and Audit Cloud Activity: Use cloud security monitoring tools to track and log user activity, and set up alerts for any unusual or unauthorized access attempts.
5. Backup Critical Data: Regularly back up important data to ensure you have a recovery option in case of a breach or data loss.
6. Use Secure APIs: Securely configure and regularly test APIs to prevent unauthorized access to cloud services through vulnerabilities in the application layer.

Conclusion:

There has been a sudden surge in data breaches worldwide in recent months, with organizations involved in financial systems becoming prime targets for cybercriminals. Just last week, Bybit, a cryptocurrency exchange, fell victim to one of the largest heists in the crypto space. In light of these growing threats, organizations must reinforce their security measures, especially as cyberattacks become increasingly sophisticated with the use of AI. Companies relying on cloud technologies are particularly vulnerable and must give serious, careful attention to strengthening their security controls.