STOLEN CREDENTIALS AND DATA BREACHES


For centuries conventional wisdom assures us that if we only build the wall strong enough we can keep the attacker out. The reality in the digital world of the 21st century, is that the bad guy is probably already inside our fortress. While everyone else is trying to build stronger walls, we are dealing with the reality of the threat that is inside or can penetrate our walls at will.

It is not just your own employees that you need to be concerned about. Your vendors and customers, over whom you have little control, may be one your greatest risk. Here are a few notorious examples:

• The OPM breach in which the security clearance applications and investigative reports of everyone (over 20 million) who has applied for or held a security clearance in the US in the last couple of decades was stolen – including the digital fingerprints of over 5 million of those with clearances – were taken using stolen vendor credentials.

• The Target breach in which up to 110 million customers had information compromised, including 40 million credit and debit cards and up to 70 million sets of personal information was facilitated by the use of stolen vendor credentials.

• Home Depot was successfully hacked and 56 million payment card numbers and 53 million email addresses were stolen through the use of stolen third party credentials.

• Verizon estimates that 38% of all attacks are with the use of stolen credentials.

OnlU specifically addresses this risk where others simply overlook the threat or deploy insufficient means. Even two-factor authentication is not effective against the thief who has all of the information – such as the digital fingerprints stolen from OPM.


Back to blog listing

 

© 2016 On!iUs Inc., 15250 Heather Mill Lane, Haymarket, Virginia 20169, USA. All Rights Reserved.