![\"Dark-Web-Hackers-e1623404162841\"](\"/f4a2525a9984da26e33c408c8eaa8826/Dark-Web-Hackers-e1623404162841.webp\")
The year 2021 will mark the 4th anniversary of the first WannaCry Ransomware attack, which brought the concept of ransomware breaches into the limelight. It has been about half a decade since then.
\nCybersecurity isn’t just an IT issue anymore. It has caused substantial losses to businesses, governments, and individuals around the world. As we head into the third quarter of 2021, this insight is picking up steam.
\nIn this blog, we will look at the top security breaches in June 2021—when the world economy is already dealing with the effects of the coronavirus.
\nAccording to a report by RestorePrivacy, on June 22, a user on a famous hacker site announced the sale of data from 700 million people.
\nOne million LinkedIn members' email addresses, full names, phone numbers, addresses, and geolocations were included in a sample shared by the user.
\nLinkedIn, on the other hand, explained the data's apparent legitimacy. \"Our initial study has revealed that this data was scraped from LinkedIn and other websites and that it contains the same data that we disclosed earlier this year in our April 2021 scraping update,\" the company noted.
\nThis is LinkedIn's second data security breach incident this year. Earlier, in April 2021, around 500 million user data was stolen from the platform, which included publicly visible profile data.
\nA software developer based in China used Alibaba’s popular Taobao shopping website for eight months to collect more than 1.1 billion pieces of user information without the company noticing until recently.
\nA spokeswoman for Alibaba Group Holding Ltd. said the company proactively discovered and addressed a security flaw in its systems that allowed some unauthorized searches by a third party. The company said it would strengthen security and work with law enforcement but didn’t say how many people were affected.
\nThe firm revealed that 925 million of its users an average of once a month use their platforms for retail, and the breach of its database caused no personal information or financial losses.
\nAlso Read: 9 Data Security Best Practices For 2021
\nHackers broke into Electronic Arts (EA), the video-game publisher behind Battlefield, FIFA, and The Sims, and stole detailed source code to FIFA 21, the Frostbite engine, and other game development tools.
\nOther reputable game creators are unlikely to utilize EA's code without permission, but malevolent hackers might use it to cheat or breach a game or engine. A data hack might expose confidential projects and game concepts. Breaching of security is also bad for a company's reputation.
\nIn addition, the hackers claimed to have Microsoft Xbox and Sony SDKs and API keys for sale. They even uploaded a screenshot displaying a total of 780GB of stolen items.
\n
Screenshot: Bleepingcomputer
\nAccording to ABC News, more than one billion search data from CVS Pharmacy's website were exposed online. The vulnerability was discovered by a cybersecurity researcher named Jeremiah Fowler.
\nThe details are related to search phrases on CVS Pharmacy's website and included information about Covid-19 vaccines that people were looking for. Fowler added that users typed in their email address in some cases, which was available in the records.
\nCVS admitted to ABC News that they had overlooked a database connected to them and that the breach stemmed from a third-party vendor who was hosting the information. The database has been shut down since.
\nAlso Read: Protecting Organization From Cyber-Threats: Business at Risk During COVID-19.
\nComputer network disruptions at JBS, a multinational conglomeration of animal processing and food manufacturing companies, have had trouble reeling in Australia, Canada, and the US.
\nJBS has the five largest beef plants in the United States, and the shutdown has put a fifth of the country's meat supply on hold.
\nIn June, JBS confirmed that it paid a ransom of nearly $11 million worth of bitcoin to hackers after they disabled its computer systems and demanded payment in the cryptocurrency.
\nThe New York City Law Department was hacked, leaving thousands of its lawyers locked out of their accounts.
\nIt turned out that a hacker got into the network of the 1,000-lawyer agency by using a worker's email password. The invasions caused havoc with the city's lawyers, halted court procedures, and threw the department's legal affairs into turmoil. Most expressed concerns about the exposure of Social Security numbers and other sensitive data.
\nOfficials also stated that there was no evidence that the attack harmed the city's computer systems, even though the inquiry was still ongoing. Investigators are still attempting to figure out who the criminal is and the motive of the perpetrator.
\nSeeing how cyber attacks can cause damage should be reason enough to take preventive measures right away. For instance, McKinsey sees next-generation Identity and Access Management leading enterprise cybersecurity spending in 2021.
\n![\"mckinsey\"](\"/6039906b9eea3dd9caa2c3f9dc025129/mckinsey.webp\")
Image Source: McKinsey
\nWhat other steps can you take to reinforce your organization's cybersecurity framework and protect it from cyberattacks?
\nPasswordless authentication: Passwordless authentication eliminates the need for users to enter passwords during the verification process. Instead, they must produce another type of proof that verifies their identity, such as a one-time password (OTP), secret PIN, SMS- or app-generated codes, biometrics, etc.
\nHackers want your data. They spend a lot of time trying to break into computer systems, and your passwords are the keys to those systems. So, when you do not have passwords in the first place, that gateway is already locked.
\nData encryption and regular data backups: Data encryption is still one of the most effective methods of preventing data leaks. Ensure that sensitive data, such as private consumer information, employee information, and other sorts of sensitive corporate data, is encrypted first and then backed up.
\nThis way, if your company's sensitive data slips into the wrong hands or you fall victim to ransomware attacks, there's nothing to lose.
\nAuthenticating consumers is difficult and time-consuming. When used in conjunction, a CIAM solution like LoginRadius can significantly improve cybersecurity. It uses the approaches mentioned above and all recommended practices to filter permitted access and avoid typical attack situations.
\n![\"book-free-demo-loginradius\"](\"/8fce571f703a5970dbb1359a2fe0e51a/book-a-demo-loginradius.webp\")
With the growing need to be online, people are logging into far too many websites all at once. No wonder problems like changing passwords, usernames, and registered mail IDs become obstacles in many instances.
\nIt is a bad experience for users and definitely not good news for businesses too!
\nUser experience dominates everything else in today’s marketplace. Among 4.8 billion internet users today, 73% of people prefer user experience over price in their choice of brand.
\nIt is pretty obvious now that brands should seek new ways to deliver an exceptional customer experience.
\nHaving spoken about experience, the user interface also crosses the mind. They are two sides of the same coin but cannot be compared with the same weight. Here is my summarized take on both of them.
\nThe user interface is the space where interaction between humans and machines occurs. User experience, on the other hand, encompasses all the aspects of a person’s behavior, attitude, and emotions about using a particular product, system, or service.
\nNo matter where you are on the web, there are various windows open for user interactions. These may be places where users fill their shopping carts, interactive web games, or (most certainly) the website login and registration forms.
\nLogin is a big deal that decides the entire UX your website is going to deliver. Businesses should try to put as little resistance as possible into their registration process. As with it comes customer identities—the most accurate first-party data beneficial for conversions and customer retention.
\nSo, what are the best practices that businesses should adopt to create easy-to-sign up registration forms?
\nA big mailing list and lead generation are the two primary goals of any business.
\nFor example, look at Tinder’s 60 million daily active users.
\nThere is no magical potion behind their user acquisition practices. They are just a bit more careful in their strategies.
\nA crucial step in creating a sign-up form is to spend time understanding the user's reasons for signing up. Before preparing your questions, it’s important to think about the following:
\nWhen you finally have all your answers, let's help you design your registration page.
\nFirst stop. Remember the 8-second rule. Your design will either capture a buyer’s interest or lose them for good within the first eight seconds.
\nSo, how do you keep pace with consumer demands? The following rules will help.
\nRule #1: Keep the dimensions of all your form fields big. Not everyone is handy with tabs or uses their mouse to click on each field.
\nRule #2: Make sure your visitors don't have to delete anything when filling out your text fields, as this would just waste their time.
\nRule #3: Follow the single-column design for your Signup page, as two columns will create confusion when tabbing.
\nRule #4: Make your sign-up button visible enough with a clear call to action message.
\nRule #5: Ask only for information that is needed and relevant to your business. Do not stretch your registration form to a length that frustrates your visitor.
\nRule #6: Do not confuse your visitors and keep it simple and consistent throughout your entire web interface. Also, make it easy to find where to register.
\nRule #7: Build a value around registration and let your visitors know the purpose of your signup.
\nAnd last, perform A/B testing on your signup forms. You will surely get some space for improvements.
\n![\"how-ui-ux-affects-registration-pinterest1\"](\"/1ff64f5ed2974125b300a06f05fa6be1/how-ui-ux-affects-registration-pinterest1.webp\")
Image source: Pinterest
\nSign-Up form takeaways
\n![\"how-ui-ux-affects-registration-landcf\"](\"/608ba2088ccb6371107dd4687a12e138/how-ui-ux-affects-registration-landcf.webp\")
Image Source: Lane Crawford
\nSign-Up form takeaways
\n![\"how-ui-ux-affects-registration-gnc\"](\"/910d2c0e575808e4283cd393e9c51984/how-ui-ux-affects-registration-gnc.webp\")
Image source: GNC
\nSign-Up form takeaways
\n![\"how-ui-ux-affects-registration-canva\"](\"/36d0ae1bbbd4de8a16797d142e3145d6/how-ui-ux-affects-registration-canva.webp\")
Image source: Canva
\nSign-Up form takeaways
\n![\"how-ui-ux-affects-registration-mmt\"](\"/0a8935ea7375f168e0e7f22da0b95669/how-ui-ux-affects-registration-mmt.webp\")
Image source: MakeMyTrip
\nSign-Up form takeaways
\nSo far now, you have seen examples of registration forms of different varieties. The one thing common that you will notice in all of the above examples is Social Login.
\nYou must have probably used them many times to log on to various websites. They are increasingly common and faster modes of registration.
\nIn fact, according to Consumer Digital Identity Trend Report 2020, 70.69% of 18-25 year-olds prefer social login.
\nWell, no surprise there!
\n![\"how-ui-ux-affects-registration-lr\"](\"/81f34e18e9e62187c332411bd563ac54/how-ui-ux-affects-registration-lr.webp\")
Image source: LoginRadius
\nBut should you be using them for your own business? Read on the following advantages of social login to decide whether you should consider them an alternative to the traditional registration process.
\nBut what about the downside?
\nWhen people find so many options in front of them, they are most likely to do one of the following:
\nMany companies overlook the crucial factors to consider when integrating social login into their website. Some precautions to take include:
\nTip #1: Do not clutter your website with too many network providers just because it is a popular feature on the block. Add only those which are relevant to you. It is okay if you have only two providers on your login screen.
\nTip #2: Find where most of your targeted audience floats. Look into every social media channel and find out which will work best for your business while keeping your product and service in mind.
\nTip #3: Ask for the correct data from consumers and also explain why you want them. Apart from some basic information that a social network provider allows you to retrieve, access to all the other information should be permission-based. ** **
\nTip #4: Give your visitors a notion of what they can get in exchange for their social credentials. Just tickle their interests and give them a feeling that they are missing out on something really big.
\n![\"how-ui-ux-affects-registration-1\"](\"/c22d9ab2d1a666111ec01db07d6bcd91/how-ui-ux-affects-registration-1.webp\")
![\"how-ui-ux-affects-registration-2\"](\"/39c961d621b67215f5dbf16836208c39/how-ui-ux-affects-registration-2.webp\")
![\"how-ui-ux-affects-registration-3\"](\"/19c201c2ee4d6712a5e867244a0568ba/how-ui-ux-affects-registration-3.webp\")
![\"how-ui-ux-affects-registration-4\"](\"/d1cad505b5ed94874afdbdfb3fd3a69a/how-ui-ux-affects-registration-4.webp\")
![\"how-ui-ux-affects-registration-5\"](\"/6d83fbf414afa257aee9176528674c58/how-ui-ux-affects-registration-5.webp\")
So, get cracking! Obviously, you do not want to lose out on your potential customers. Enjoy the endless benefits of Social Login with the LoginRadius unified social API.
\n
In mid-January 2020, Marriott International suffered a new data breach which affected around 5.2 million guests.
\nMarriott claims the security breach could have revealed 5.2 million guests 'personal details. This is the second data breach by Marriott in recent years following a breach in 2018.
\nThe breach was identified at the end of February 2020 and dates back to mid-January 2020.
\nMarriott says it discovered in late February that the network of an unspecified hotel chain had been hacked, and hackers who obtained the login credentials of two Marriott employees may have accessed the guest details. The firm has reason to believe the operation began as early as mid-January.
\nThe breach may have taken personal details such as names, birthdates, and telephone numbers, along with language preferences and loyalty account numbers.
\nMarriott stated, \"While our investigation is continuing, we currently have no reason to assume that the details involved included passwords or PINs for Marriott Bonvoy account, payment card details, passport information, national IDs or driver's license numbers.\"
\nAdding to it, Marriott said it contacted guests whose details may have been taken via email and launched a website dedicated to those who were affected. The company offered the program for tracking the personal information of visitors whose details could have been compromised.
\nThe hotel giant announced another data breach in late 2018, which affected up to 500 million guests while staying at its subsidiary, Starwood, purchased by the company in 2016.
\nIt could be considered an honest mistake to suffer one data breach but to suffer two in less than two years looks like carelessness. There are some promising signs that the company has learned some valuable information security lessons in spite of how it may look to an outsider. From this experience, the entire hospitality industry should now know better.
\n![\"Protecting-PII-Data-Breaches-industry-report\"](\"/50eb35550996efd860854fef81a6360e/Protecting-PII-Against-Data-Breaches.webp\")
1. Develop a Security-Centric Culture at the Top Level.
\nWhen the security of customer identities and profiles is priority number one. A security-centric mindset ensures a serious approach to customer data security. The approach should be top-down instead of bottom-up, with responsibility resting with the CEO and board.
2. Stay ahead of the security curve.
\nIt’s okay to be cautious in adopting innovations, but when it comes to customer data security products, companies should be proactive, constantly reviewing and trying new developments to stay ahead of hackers.
3. Make your security spend for customer data security unbudgeted.
\nInvest whatever it takes to protect sensitive customer data. Yes, stay within your financial metrics, but don’t cap the budget, because capping it means you’re compromising. Give the security team whatever they request to protect the brand. It’s not going to cost billions.
4. Recognize that customer data security is not a cost center but a revenue center.
\nCompanies need to understand that customer data security is part of the revenue center, not the cost center. With better security, you are not only preventing breaches, but you are also building trust within your customer base to generate more revenue.
Let’s hope that Marriott and its peers in the travel industry have learned that, while the security of customer accounts may not be their core business, it still needs to be priority number one.
\n![](\"/dc606ee34e1fd846630cfcbae3647780/BD-Developers2-1024x310.webp\")
![](\"/fa7a78b2c8ae160f6704287a6d651f65/funding-img.webp\")
Today, I’m very excited to announce that LoginRadius has raised $17 million Series A funding, led by ForgePoint Capital and Microsoft’s venture fund, M12. In connection with the funding, both companies will also be joining our board to further our partnership, product and innovation cycles.
\nSince LoginRadius’ launch in 2012, we have been relentlessly focused on customer identity and have experienced triple digital annual growth for the past two years.
\nThis funding opens huge possibilities for the company, in terms of helping us accelerate product innovation, and to expand globally to help serve the fast-growing $20 billion customer identity market.
\nYou can read the full Press Release here.
\n","frontmatter":{"date":"July 24, 2018","updated_date":null,"title":"LoginRadius Announces $17M Series A Funding from ForgePoint and Microsoft","tags":["industry-news","other"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.6666666666666667,"src":"/static/fdb8610707cb15170f7eb2bbee9fe5be/58556/loginradius-announces-17m-series-funding.webp","srcSet":"/static/fdb8610707cb15170f7eb2bbee9fe5be/61e93/loginradius-announces-17m-series-funding.webp 200w,\n/static/fdb8610707cb15170f7eb2bbee9fe5be/1f5c5/loginradius-announces-17m-series-funding.webp 400w,\n/static/fdb8610707cb15170f7eb2bbee9fe5be/58556/loginradius-announces-17m-series-funding.webp 800w,\n/static/fdb8610707cb15170f7eb2bbee9fe5be/99238/loginradius-announces-17m-series-funding.webp 1200w,\n/static/fdb8610707cb15170f7eb2bbee9fe5be/90fb1/loginradius-announces-17m-series-funding.webp 1500w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.webp"}}}},{"node":{"fields":{"slug":"/identity/ifma-loginradius-customer-success-story/"},"html":"![\"IFMAlogo\"](\"/d5e304bbcf56ccf7e40fd76164dbd678/IFMAlogo.webp\")
The International Facility Management Association (IFMA) is the world’s largest international association and guidance body for facility management professionals. Founded in 1980, IFMA provides credentialing, education programs, and guidance to facility management professionals. Headquartered in Houston (USA), IFMA is a not-for-profit organization supporting professionals in 104 countries.
\nWith registered members in more than 100 countries worldwide, IFMA intended to take as much of the member interaction online as possible. This meant that many of its services would be extended to members through their community websites. With the goal of providing a well-rounded online experience, they also wished to collect more information about its members.
\nIFMA decided, however, that its members should not be forced to perform unproductive tasks such as completing long registration forms, or remembering multiple login credentials for the various websites. IFMA wanted a seamless user experience for its members so that they would not be distracted or repelled by the different stages in the workflow.
\nSome of the challenges that IFMA was experiencing included:
\nAfter the deployment of LoginRadius customer identity and access management solution, IFMA was able to simplify the member sign-up and engagement process. In addition to fulfilling its core objectives, IFMA was able to build rich member profiles with the obtained social profile data. Specifically, LoginRadius helped IFMA achieve its goals in the following ways:
\n1. Introduce Social Login in the Authentication Layer
\nIFMA wanted LoginRadius to remove the clunky and time consuming registration form in favour of a seamless social login process would increase members’ activities. IFMA opted for Google, Facebook, Twitter, and LinkedIn as the four social networks whose identities its members can utilize to signup and login to the community site. As expected, IFMA experienced a significant increase in member engagement, as well as the number of daily and monthly active users.
2. Capture Social Profile Data and Assign Roles
\nWith the help of LoginRadius, they were able to obtain the missing data points via social login. This allowed IFMA to capture the basic and extended data points from the member’s social profile that they have chosen to log in with. Alongside building rich profiles, LoginRadius also provided IFMA with a role management function. This allowed IFMA to assign hierarchical roles to each member upon registration, enabling them to increase website engagement.
3. Single Sign-On on Multiple IFMA Websites
\nIn preparation for future site additions, IFMA asked LoginRadius to implement Single Sign-On for its properties in such a way that new websites can be added to the Single Sign-On grouping on a plug and play basis.
4. A Unified Profile for Each Member
\nLoginRadius’ cIAM solution ensured that while an individual member can be associated with a number of social profiles, in addition to the official IFMA profile, all of the data associated with the single member is centralized, with only one record created per user. The same convention would also be followed for any prospective IFMA websites as desired by the organization.
IFMA - LoginRadius Customer Success Story
\n