The Black Shadow Case - a Zero Privacy Risk Alternative

Ariel Shiftan

CTO & Co-founder

November 18, 2021


The Cyberserve breach is ugly. Black Shadow’s latest attack on Israeli software targeted companies holding very personal and highly sensitive information, notably the database of LGBTQ platform Atraf (Israeli equivalent to Tinder/OkCupid for gay people). The resulting data leak exposes health information, including HIV statuses and the sexual orientations of people who haven’t officially come out of the closet. This is a sanitized screenshot of stolen Atraf data released by Black Shadow:

[Image: censored database]

As you can see, this database table is brimming with detailed personal identifiers (full names, emails, and phone numbers) and highly sensitive information about users (sex, sexual preference, marital status, and health concerns). To appreciate the scope of this leak, consider that Atraf’s database features over 100 organized columns detailing different user properties. Or, put yourself in the shoes of the victims. Imagine having your information published like this for anyone to see and use as they please:

| Name | Email | Phone | Sex | Sexual preference | Marital status | HIV |
|---|---|---|---|---|---|---|
| Yael Mizrachi | yaelmizrachi@gmail.com | 059-1234567 | Female | Male | Single | Positive |
| Dan Levi | danlevi@gmail.com | 059-2345678 | Male | Male | Married | Negative |
| Noa Cohen | noa@israeli.com | 059-3456789 | Female | Male | Single | Negative |

  • The information in the table above is for illustration only.

Incidents like these are precisely why we joined the privacy domain. And we know how to stop them by asking a simple question:

What if the data they found had been made useless or depersonalized? Specifically, what if Atraf had scrubbed its data tables of PII and tokenized it, so that the sensitive information wasn't linked to anyone?

Pseudonymized Data

Let's visualize it tokenized:

| Name | Email | Phone | Sex | Sexual preference | Marital status | HIV |
|---|---|---|---|---|---|---|
| TOKENIZED_NAME1 | TOKEN1@israeli.com | 060-0000001 | Female | Male | Single | Positive |
| TOKENIZED_NAME2 | TOKEN2@israeli.com | 060-0000002 | Male | Male | Married | Negative |
| TOKENIZED_NAME3 | TOKEN3@israeli.com | 060-0000003 | Female | Male | Single | Negative |

Voila! No more names, emails, or any other identifiers to see here! Tokenization is integral to pseudonymization, the privacy best practice of reducing the privacy risk of data sets to zero by scrubbing them of personal identifiers (PII). Of the 120+ properties Atraf stored on each user, segregating merely 10 key identifiers would have done the trick and kept all this information private.
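
The tokenization described above, as an added example that is not part of the original post and does not use Piiano's API: identifier columns are swapped for random tokens whose mapping lives only in a separate store, so a dump of the application table alone yields no names, emails or phone numbers. TokenVault, pseudonymize, leaked_identifiers and the column names are hypothetical.

```python
import secrets

# Assumption: these three columns are the direct identifiers to segregate.
PII_COLUMNS = ("name", "email", "phone")

class TokenVault:
    """Hypothetical in-memory vault: the only place a token maps back to a value."""
    def __init__(self):
        self._by_token, self._by_value = {}, {}

    def tokenize(self, column, value):
        key = (column, value)
        if key not in self._by_value:
            # Random token: nothing about the value can be derived from it.
            token = f"tok_{column}_{secrets.token_hex(8)}"
            self._by_value[key], self._by_token[token] = token, value
        return self._by_value[key]  # same input -> same token, so joins still work

    def detokenize(self, token, caller_is_authorized):
        if not caller_is_authorized:
            raise PermissionError("detokenization denied")
        return self._by_token[token]

def pseudonymize(rows, vault):
    """Copy rows, replacing PII columns with vault tokens; other columns stay as-is."""
    return [{col: vault.tokenize(col, val) if col in PII_COLUMNS else val
             for col, val in row.items()} for row in rows]

def leaked_identifiers(dumped_rows, original_rows):
    """Original identifiers recoverable from a dump of the given table alone."""
    dumped = {v for row in dumped_rows for v in row.values()}
    return sorted(v for row in original_rows for c, v in row.items()
                  if c in PII_COLUMNS and v in dumped)

# Constructed sample rows, taken from the page's illustrative table.
ROWS = [
    {"name": "Yael Mizrachi", "email": "yaelmizrachi@gmail.com", "phone": "059-1234567",
     "sex": "Female", "sexual_preference": "Male", "marital_status": "Single",
     "hiv": "Positive"},
    {"name": "Dan Levi", "email": "danlevi@gmail.com", "phone": "059-2345678",
     "sex": "Male", "sexual_preference": "Male", "marital_status": "Married",
     "hiv": "Negative"},
]

if __name__ == "__main__":
    vault = TokenVault()
    app_table = pseudonymize(ROWS, vault)
    print(app_table[0])
    print("identifiers in dump:", leaked_identifiers(app_table, ROWS))
```

The application database stores only what pseudonymize returns; the vault is deployed and access-controlled separately, and detokenization goes through its authorization check.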

This is hardly a revolutionary idea—regulations like GDPR and CCPA have been recommending pseudonymization for years. So why aren’t we complying? The simple answer is that pseudonymization, like many other privacy best practices, is nearly impossible to actualize in modern enterprises. Their systems and workflows make it impossible.

Challenges to cross-organization PII pseudonymization

Before we raised Piiano’s $9 million seed round, my partner Gil Dabah and I investigated the privacy needs of more than 50 different organizations to understand precisely what was holding them back. This is how we were confronted with the realities of “privacy debt.” Though privacy engineering improves privacy-related costs and compliance efficiency in the long term, it’s often too resource-intensive to implement.

Even the systems of today’s largest organizations were built without privacy in mind, and it would take them years to architect it in on their own. As a result, identifiers (PII) and other sensitive information have been mixed in and lost with the rest of an organization’s non-sensitive data, and copied and replicated across many systems and databases. There is nothing in place to help find and regain control over this scattered information.

But how can we be expected to share our most personal data if this is the case? Don’t we deserve more from the companies looking to profit off it?

Meet the first self-hosted privacy vault

The Piiano privacy vault lets developers easily build privacy and security within their own cloud environments. We were inspired by similar solutions for centralizing sensitive data developed and used internally by the few companies who could afford it (think JPMC, Netflix, and Slack).

Piiano enables developers to build systems with the highest privacy and security standards without forcing them to understand, implement and maintain complex and dynamic privacy compliance and security requirements. As opposed to standard databases, which are built to make the data accessible naturally, the Vault was built with sophisticated mechanisms to make data exfiltration very hard.

With our self-hosted privacy vault, developers can easily segregate PII from the rest of the data to finally give security teams the visibility and control they need to keep our data safe.

Create your account today and get started for free!


About the author

Ariel Shiftan

CTO & Co-founder


Ariel, despite holding a PhD in Computer Science, doesn't strictly conform to the traditional academic archetype. His heart lies in the realm of hacking, a passion he has nurtured since his early years. As a proficient problem solver, Ariel brings unmatched practicality and resourcefulness to every mission he undertakes.
