How do you perform on a test that checks if you can leak sensitive information such as US Social Security numbers?

How are we testing?:

This test checks if a set of numbers that match the format of valid United States Social Security numbers can be sent out from your network. Your network security infrastructure should easily identify these numbers as Social Security numbers.


Why is this test important?:

Personal information is often the target of criminals, who use it to commit theft and fraud. When a breach of personal information occurs, it can expose your organization to negative press attention, federal enforcement actions, lawsuits from customers whose information was compromised, and other legal actions. You may also be assessed sizable penalties if you fail to comply with the numerous, and sometimes contradictory, requirements of various regional laws governing data breaches. Costs incurred include the provision of fraud monitoring for 1 year or more and remediation services to consumers affected.


Take our security preview now

How Much Does a Data Leakage Cost You?

15% of documented data leakage incidents involve US Social Security numbers with the average cost of a data breach estimated at $188 per customer record in 2013. In 2014, the State of South Carolina revealed a massive breach of social security and credit card numbers. Source

In the News:

Wells Fargo accidentally leaks 50000 clients' records - Engadget

23 Jul 2017
Wells Fargo accidentally leaks 50,000 clients' records. The bank accidentally sent ... While 1.4GB of files doesn't seem that big, the collection includes at least 50,000 customers' names, Social Security numbers and sensitive financial info. According ...

100m Indians in dark over data leaks - Khmer Times

16 Jul 2017
100m Indians in dark over data leaks. Reuters / Khmer Times No Comments Share: ... In contrast to companies in the European Union, which has stringent data protection standards, companies in India do not have to disclose data breaches to clients ...

Data thief leaks 100 million account information, taken into custody - Deccan Chronicle

12 Jul 2017
Earlier this week, India's telecom operator Reliance Jio allegedly experienced a data breach after personal details of some of the Jio subscribers were leaked on a website, 'Magicapk.com.' The breach was first reported by technology website Fonarena ...

More »

LEADERS SELECT LEADERS