The UAE Cyber Security Council has raised concerns over widespread data exposure, revealing that nearly 25 percent of publicly accessible files contain sensitive personal data. The warning comes as part of its ongoing awareness efforts, urging individuals and organisations to strengthen basic cybersecurity practices. In its latest advisory under the “Cyber Pulse” campaign, the Council highlighted that poor file-sharing habits continue to expose users to avoidable cyber risks. The findings point to a growing gap between the use of cloud platforms and the understanding of how to secure shared data.

Public Files and Sensitive Personal Data at Risk

The Council’s findings show that a significant portion of files shared openly online contain sensitive personal data such as identification details, financial records, or login information. This raises concerns about how easily such data can be accessed by unintended users. The issue is not limited to publicly shared files. According to the Council, between 68 percent and 77 percent of privately shared files may also be accessible to unintended recipients due to weak access controls or misconfigured sharing settings. This highlights a broader problem where users assume that private sharing automatically ensures security. In many cases, improper permissions or link-based access can lead to unintentional exposure of sensitive personal data.

Cyber Security Council Highlights Encryption as Critical Safeguard

The UAE Cyber Security Council emphasized that encryption remains one of the most effective ways to protect sensitive personal data. Files that are encrypted before being shared or stored online are significantly less vulnerable to unauthorized access. The advisory noted that cloud storage platforms do not guarantee automatic protection of data. Without encryption, sensitive files remain exposed if access controls are bypassed or misconfigured. Alongside encryption, secure account management plays a key role in reducing risk. Weak passwords, reused credentials, and lack of authentication measures continue to be major contributors to data exposure incidents.

Key Cybersecurity Practices Recommended

To address the risks associated with exposed sensitive personal data, the Cyber Security Council outlined several essential cybersecurity practices. Users are advised to use strong and regularly updated passwords and enable two-factor authentication across all accounts. Avoiding public links when sharing sensitive files is also critical, as these links can be easily forwarded or accessed without proper restrictions. The Council stressed the importance of reviewing privacy settings and managing access permissions carefully. Monitoring file usage and access logs can help identify unusual activity and prevent misuse. Additional measures include deleting unused files and inactive sharing links, securing Wi-Fi networks, and keeping devices and software up to date. Users are also encouraged to review application permissions and limit access to only necessary services. When accessing files over public networks, the use of virtual private networks can provide an added layer of security. Regular data backups and secure database management on cloud platforms are also recommended to prevent data loss and unauthorized access.

Awareness Remains Key to Reducing Exposure

The Cyber Security Council noted that many cases involving sensitive personal data exposure are the result of simple, preventable mistakes. Lack of awareness around basic cybersecurity practices continues to be a major factor. The “Cyber Pulse” campaign, now in its second year, aims to address this gap by promoting safer digital behaviour among individuals and organisations. The initiative forms part of broader national efforts to build a secure and resilient digital environment. By encouraging users to adopt stronger security measures and understand the risks of improper file sharing, the Council aims to reduce the exposure of sensitive personal data and improve overall cybersecurity hygiene. The latest findings serve as a reminder that while technology platforms continue to evolve, the responsibility to secure data often lies with users. Simple steps such as enabling encryption, managing access, and reviewing shared content can significantly reduce the risk of data exposure.