PRO+ Premium Content/Information Security
Access your Pro+ Content below.
No customer data leaks? Companies look down the rabbit hole
This article is part of the Information Security issue of October 2017, Vol. 19, No. 8
Leaks can be hard to stop. Just ask President Trump. Companies have released financial reports that cite major security incidents but claim there was no evidence of a data breach (A.P. Moller-Maersk), loss of data that could affect payment card security (Yahoo) or third parties' or customers' personal account information (Fed Ex Corp.). How can they be so sure? Other organizations -- like Equifax, Yahoo and more -- announce data theft months or years after the intrusions, and their 'timelines' of what they knew, and when, about these data leaks face scrutiny. Yahoo, now called Altaba, acknowledged personal account data leaks two years after the thefts took place and just months after the company had reached a $4.83 billion deal to be acquired by Verizon Communications. When Yahoo finally disclosed a massive 2014 data breach of up to five hundred million affected account holders in September 2016, some already had legal representation. Within weeks, Yahoo was facing data breach lawsuits from customers who claimed that the lapse ...
Features in this issue
-
Agnes Kirk on the role of CISO, Washington's state of mind
A state CISO champions innovation for Washington, from early development of a single sign-on system to leadership of the new Office of Cyber Security.
-
Columns in this issue
-
No customer data leaks? Companies look down the rabbit hole
When Yahoo finally disclosed a massive 2014 data breach to up to five hundred million affected account holders in September 2016, some already had legal representation.
-
Building a secure operating system with Roger R. Schell
The 'father' of the Orange Book has first-hand knowledge of the standards required for classified computer systems and the issues with subversion.