Is your personal information stored in a data warehouse, and how secure is it?

We trust all kinds of companies with our data – but how are those companies keeping our private information safe and secure?

Mikhail Nilov via pexels.com | Used by permission

Take Action

Earlier this summer we learned that “nearly all” AT&T customers had their data stolen by hackers. This is just one of the most recent in a string of data breaches by high profile companies that have compromised our personal info.

When we do business with companies we entrust them with lots of our important personal information. It’s their responsibility to protect us — but far too often, companies leave our data vulnerable.

When data breaches compromise corporations, we are the ones who pay the price. What are companies doing to protect our data, how are they storing it, and how can we make it safer?

Where is data stored?

We’re familiar with the idea of the “cloud” as a place where data goes to be stored, but the cloud doesn’t just float in the sky. Data stored in a “cloud” is actually being kept in a remote server somewhere. The massive databases of customer information that are often stored on these servers are often referred to as “data warehouses.”

Many big companies use third parties to store and manage customer data. For example, AT&T customer data was stored on a cloud owned by Snowflake, which also manages data for big names like Ticketmaster.

How do data breaches happen?

These third-party companies own enormous warehouses full of servers that store customer data for their clients.

One vulnerability of these massive cloud platforms is simply the fact that they aggregate lots of data in one place, making them valuable targets for hackers. If a hacker somehow gains access to one of these companies’ systems – because of stolen credentials, improperly configured security settings, or some other way – they are able to steal massive amounts of data all at once.

What kinds of data do companies store?

Companies need to collect some data on us to provide the services they do. For example, it makes perfect sense that AT&T knows its customers’ phone numbers. Banks and other financial institutions naturally have access to your financial information.

But some companies collect more data than they need for their jobs. For example, social media companies like TikTok collect massive piles of data about their users. 

It makes sense that TikTok would track what users on its platform engage with and how long they spend viewing content – but TikTok also collects data on direct messages, users’ country location, internet address, and device type. It even seems to estimate household income and knows how expensive the smartphones or laptops its users are scrolling on are.

As customers, we expect our dealings with any company to be private and for them to keep our data safe. But the more info any one company has about us, the more our privacy is at risk.

Data breaches are costly

Fraud affects millions of people in the U.S. every year, and costs us billions of dollars.

Sometimes, a breach just adds one new piece of stolen data to the dangerous databases out there that peddle our information. Other times, a massive trove of information is leaked: The Equifax breach of 2017 was particularly harmful, exposing millions of names, Social Security numbers, dates of birth, and other personal information

It’s easy to feel like our information is already out there and there’s nothing we can do — but we still need better protections for the future.

Some of our information changes. We get a new phone number, a new credit card, are diagnosed with new health conditions and grow close to new people in our lives. Stopping data breaches today is important to bolster our security in the future.

Take action to help stop data breaches

Snowflake – the company implicated in the recent AT&T data breach – manages data for all kinds of large companies. If their platform is leaving data vulnerable to hackers, we need to know about it — and the company needs to fix it.

By investigating the companies responsible and holding them accountable, we can help ensure the necessary steps will be taken to secure our data next time around.

Ask the FTC to launch an investigation into Snowflake and the AT&T breach today.