IRS Breach Shows What Happens to PII After it is Sold on the Black Market

By | May 29th, 2015|Breach, Uncategorized|

IRS BreachThe IRS experienced a breach that is changing the way businesses and consumers think about personal information. Reporters attribute the IRS breach to a crime syndicate in Russia, who used personal information obtained elsewhere to exploit the Get Transcript feature on the IRS website. They successfully exploited 104,000 individuals and filed nearly $50 million in fraudulent tax funds.

“This breach is not just about what this single group is going to do with the information, but what happens when this information gets sold on the black market,” said cybersecurity author Peter Warren Singer to The New York Times. “It’s rare for the actual attackers to turn the information directly into money. They’re stealing the data and selling it off to other people.”

As Singer points out, this breach demonstrates how cyber criminals can take stolen data and exploit an online system to pick the pockets of thousands of consumers. Major data breaches thus far have proven that cyber criminals have the know-how to exploit major retailers’ security systems; this breach proves these criminals have more sophisticated schemes in their back pocket to cash in on the information they’ve stolen without having to find a vulnerability in an organization’s security system.

This is costly to businesses as it highlights the limited control they have on security breaches. Maintaining a healthy, secure system helps businesses avoid data breaches, but cyber criminals are working around secure systems by taking advantage of customers’ personal information. Gizmodo reporter Kate Knibbs calls this a “domino effect.” The way it works is that cyber criminals hack into a business’ system and steal customer data. Using that customer data, which includes name, address, email credentials and Social Security number, cyber criminals can log in to another business to make purchases or otherwise financially exploit a business. The result? A business is hijacked without its security system ever being hacked into. Cyber criminals are finding these workarounds, making their schemes more sophisticated and harder to identify from the outside.

So what exactly can we do to mitigate the risk of these types of breaches? Businesses and consumers must develop better habits and methods to protect their identities online. Password reuse is one of the most damaging habits of consumers. In fact, six out of 10 admit to reusing passwords across multiple sites. Convenience typically wins over security when it comes to interacting online. Businesses must innovate convenient options for consumers to better protect their digital identities. In the meantime, monitoring customer and employee credentials is a business’ best bet for protecting their assets.

How does this breach affect the way businesses handle security? How can businesses and consumers prioritize security over convenience when it comes to protecting digital identities? Let us know what you think on Facebook, Twitter and LinkedIn.

Healthcare Data Breaches Have Grown 125 Percent in Five Years

By | May 26th, 2015|Breach, Uncategorized|

Healthcare BreachThere has been a noticeable uptick in the number of criminal attacks against healthcare facilities in the last five years. Ponemon recently released its Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data, which shared a 125 percent increase in cyber attacks targeting healthcare data. The major shift in healthcare data breaches, according to the study, is that cyber criminals are intentionally targeting and exploiting healthcare data rather than accidentally coming across it during their exploits.

This shift in active pursuit of healthcare data shows that cyber criminals understand the value of healthcare data on the black market. Through our recent research, we have found that a medical identity, which includes a name, address, Social Security and health ID numbers, sells for $50 on the black market. A Social Security number sells for $1 and an active credit card sells for $3. A major contributing factor to the increase in healthcare breaches may also be due to the shift to digital healthcare records. Starting this year, healthcare facilities that do not show “meaningful use” of electronic health records are penalized, causing facilities to scramble to put records online.

The healthcare industry is a green market when it comes to following best security practices, which is why we’ve put together the top three ways healthcare organizations can keep their patient records secure:

  1. Educate employees. The most important part of having a secure network is making sure your employees are compliant with security standards. Educate employees on how medical identity theft happens and what to do from a HIPAA standpoint to keep patient data safe.
  1. Track, encrypt and password-protect mobile devices. Employees are connected via mobile devices more than ever, whether or not you have a formal BYOD policy. Be sure to create a policy that puts strict limits on how patient data can be viewed and shared on devices.
  1. Create an identity crisis response plan. If your healthcare data is breached, make sure to have a crisis plan in place, including communication with patients. Maintain the plan by training staff on relevant policies and procedures.

Are you surprised by the value of medical identities on the black market? How else can the healthcare industry get up to speed on best security practices? Let us know what you think on Facebook, Twitter and LinkedIn.

How Infected Are We? A Closer Look at Malware

By | May 22nd, 2014|Uncategorized|

malware-infographicThis infographic and blog post is shared by Roscoe Crowell, freelance writer and security expert at toptenreviews.com.

Year after year malware continues to increase in volume and simultaneously becomes more dangerous. Last year alone, approximately 27 million new strains of malware were created and released into the wild. That’s about 74,000 new viruses per day.

So what exactly are we infected with? TopTenReviews created an infographic that details what kind of malware infects our devices and what we should be on the lookout for when it comes to protecting against malicious software. With more than 30 percent of households in the U.S. infected by malware, it’s important to be aware of what kinds of malware can affect you, your family and your business.

Additionally, more than ever, personal activities and professional activities are tied closely together, making your devices – no matter if it’s a personal or work device – a target for cyber criminals to steal data or financial records. Last year, one million U.S. households lost money or had accounts misused because of malware. This can be circumvented by awareness and good security habits.

With an estimated cost of $4.55 billion to U.S. households per year due to viruses, spyware and other malware, we need to up our protection efforts. The first step in prevention is awareness. As always, let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Load More Posts
WordPress › Error

There has been a critical error on this website.

Learn more about troubleshooting WordPress.