Earlier in the summer of online invitations company Evite admitted that hackers had gained access to "an inactive data storage file” associated with its user accounts.
Evite, which has more than 100 million users, did not say how many accounts were affected, though they all dated from no later than 2013. This April, however, hackers put data from 10 million Evite accounts up for sale on the dark web.
"The first step in protecting data is getting a handle on where the data is located, but many companies don't know where all their data is, and don't have good processes for tracking it.This keeps a lot of security professionals up at night," said Dominic Sartorio, senior VP of products and development at Protegrity, a Stamford, Connecticut-based cloud and data security company.
"Often the breach is not in the environments that you're already protecting, but a system or application where you didn't even know there was sensitive data there," he said.
Click here to read the full article on the DataCenter knowledge website.