|How do you perform on a test that checks if you can leak sensitive information such as credit card numbers? |
How are we testing?:
This test checks if a set of numbers that match the format of valid credit card numbers can be sent out over your network. Your network security infrastructure should easily identify these numbers as credit cards and apply a block to them.
Why is this test important?:
For organizations requiring PCI compliance, Credit Card data must be protected. Credit card numbers are often the target of criminals who use them to commit theft and fraud. When a breach of credit card information occurs, it can expose your organization to negative press attention, federal enforcement actions, lawsuits from customers whose information was compromised and other legal actions. You may also be assessed sizable penalties if you fail to comply with the numerous, and sometimes contradictory, requirements of various regional laws governing data breaches. Costs incurred include the provision of fraud monitoring for 1 year or more and remediation services to consumers affected.
How Frequently Do Data Breaches Occur?
Data breach incidents doubled to more than 1,400 annually over a 5-year period 2009-13 with a data breach in the US costing $188 per customer record in 2013. Recently, Home Depot, Target and the State of South Carolina revealed massive data breaches compromising the credit card numbers of millions of customers.
In Home Depot's case, the breach has triggered government investigations, possible fines and a review by ratings agencies.Source
|In the News:|
23 Mar 2017
Whether they were affected by this leak or the company's previous breach last year, there are proactive steps they can take to help safeguard their data online. “The best precaution is to immediately clear all cookies, saved passwords and ... From ...
22 Mar 2017
There would be checks and double-checks on every “door” patient data could leak. From back office employee, outside ... phone numbers, and so on. These attributes are harder to change than a credit card number, and more dangerous for a criminal to have.
20 Mar 2017
Saks is the latest high-end brand to have a data breach, while Neiman Marcus has agreed to settle with those affected by a 2013 credit card information leak. As ecommerce becomes more of a common practice for affluent consumers making high-end ...