|How do you perform on a test that checks if you can leak sensitive information such as US Social Security numbers? |
How are we testing?:
This test checks if a set of numbers that match the format of valid United States Social Security numbers can be sent out from your network. Your network security infrastructure should easily identify these numbers as Social Security numbers.
Why is this test important?:
Personal information is often the target of criminals, who use it to commit theft and fraud. When a breach of personal information occurs, it can expose your organization to negative press attention, federal enforcement actions, lawsuits from customers whose information was compromised, and other legal actions. You may also be assessed sizable penalties if you fail to comply with the numerous, and sometimes contradictory, requirements of various regional laws governing data breaches. Costs incurred include the provision of fraud monitoring for 1 year or more and remediation services to consumers affected.
How Much Does a Data Leakage Cost You?
15% of documented data leakage incidents involve US Social Security numbers with the average cost of a data breach estimated at $188 per customer record in 2013. In 2014, the State of South Carolina revealed a massive breach of social security and credit card numbers. Source
|In the News:|
23 Jul 2017
Wells Fargo accidentally leaks 50,000 clients' records. The bank accidentally sent ... While 1.4GB of files doesn't seem that big, the collection includes at least 50,000 customers' names, Social Security numbers and sensitive financial info. According ...
16 Jul 2017
100m Indians in dark over data leaks. Reuters / Khmer Times No Comments Share: ... In contrast to companies in the European Union, which has stringent data protection standards, companies in India do not have to disclose data breaches to clients ...
12 Jul 2017
Earlier this week, India's telecom operator Reliance Jio allegedly experienced a data breach after personal details of some of the Jio subscribers were leaked on a website, 'Magicapk.com.' The breach was first reported by technology website Fonarena ...