How do you perform on a test that checks if you can leak sensitive information such as credit card numbers?

How are we testing?:

This test checks if a set of numbers that match the format of valid credit card numbers can be sent out over your network. Your network security infrastructure should easily identify these numbers as credit cards and apply a block to them.

Why is this test important?:

For organizations requiring PCI compliance, Credit Card data must be protected. Credit card numbers are often the target of criminals who use them to commit theft and fraud. When a breach of credit card information occurs, it can expose your organization to negative press attention, federal enforcement actions, lawsuits from customers whose information was compromised and other legal actions. You may also be assessed sizable penalties if you fail to comply with the numerous, and sometimes contradictory, requirements of various regional laws governing data breaches. Costs incurred include the provision of fraud monitoring for 1 year or more and remediation services to consumers affected.

Take our security preview now

How Frequently Do Data Breaches Occur?

Data breach incidents doubled to more than 1,400 annually over a 5-year period 2009-13 with a data breach in the US costing $188 per customer record in 2013. Recently, Home Depot, Target and the State of South Carolina revealed massive data breaches compromising the credit card numbers of millions of customers.
In Home Depot's case, the breach has triggered government investigations, possible fines and a review by ratings agencies.Source

In the News:

Massive Amazon S3 leaks highlight user blind spots in enterprise ... - TechRepublic

18 Jul 2017
Data leaks at Dow Jones, Verizon, and a GOP analytics firm show that companies are forgoing security best practices in order to quickly make it to the cloud.

Verizon, Dow Jones leaks a reminder: safeguard your cloud data - USA TODAY

15 Jul 2017
And over the weekend, Wall Street Journal parent Dow Jones & Co. said the records of 2.2 million customers, which in some cases included names, addresses, account information and the last four digits of credit card numbers, were left exposed in an ...

Automobile Association under fire for car-crash handling of data breach - The Register

04 Jul 2017
Troy Hunt, the security researcher behind the haveibeenpwned website, warned that the leak contained partial payment details (the last four figures of credit card numbers) as well as names and other sensitive information. Expiry dates and the final ...

More »