Being adequately prepared to respond to a data breach is an ever-changing game – new threats are emerging, new regulations are being put into place and companies must regularly re-evaluate their response plans to ensure they are applicable to today’s threat landscape. Unfortunately, many companies are not reviewing and updating their plans frequently enough – in fact, only 25 percent of companies say they update their response plans once or twice a year. Not to mention that no matter how well prepared and updated a company’s plan is, an actual live breach response can present unforeseen challenges that cause companies to stumble.
More than 40 percent of respondents in an Experian Data Breach Resolution survey said that they feel that monitoring financial transactions for fraud is too time-consuming, and 71 percent of respondents say they rely heavily on their bank or card issuer alerting them to fraud.
Anthem, Inc., the second top insurer in the U.S., has reported a data breach that could affect a large percentage of its 37.5 million customers, as well as employees and past customers. Early estimates report that this could be the largest data breach affecting a U.S.-based health insurer yet.
The U.S. Postal Service is the latest victim in a busy year of data breaches. Data from 750,000 employees and retirees, as well as information from 2.9 million postal service customers, has been affected.
Community Health Systems, which operates 206 hospitals around the U.S., announced today that in a recent data breach hackers stole data on 4.5 million patients, including names, Social Security numbers, addresses, birthdays and telephone numbers. The hackers did not steal information about patients’ medical histories, clinical operations or credit cards.
P.F. Chang’s China Bistro has confirmed Friday morning that there has been a data breach involving customers’ credit and debit cards used at its restaurants. After learning of the breach Tuesday, the company began an investigation with the U.S. Secret Service and a team of third-party forensics experts “to understand the nature and scope of the incident, and while the investigation is still ongoing, we have concluded that data has been compromised,” according to a statement from P.F. Chang’s CEO Rick Federico.
Following a massive cyberattack, eBay is reportedly facing a formal investigation with the government over security practices. The online auction site will have to answer questions about what type of security was in place before hackers gained access to the personal data of its 145 million users.
Headlines continue to highlight data breaches, especially those compromising payment, banking and personal data.
May 1, 2014
The silver lining to the breaches, according to the ACI report, is that although data breach-related fraud has had a negative impact on banks’ and financial institutions’ bottom lines, more than 40 percent of respondents indicated that their customers have appreciated the proactive outreach and response to market events, which helps to keep financial institutions on the right side of customer satisfaction, rebuilding brand trust.
Terrorism is changing. The Center for Cyber & Homeland Security at George Washington University is striving to bring science to the art of security decision-making. What can their research into cyberattacks, terrorism and the evolving threat environment do to help your enterprise? Read about this, sports security, security culture and awareness and more in the July issue.