How do you perform on a test that checks if you can leak sensitive information such as US Social Security numbers?

How are we testing?:

This test checks if a set of numbers that match the format of valid United States Social Security numbers can be sent out from your network. Your network security infrastructure should easily identify these numbers as Social Security numbers.

Why is this test important?:

Personal information is often the target of criminals, who use it to commit theft and fraud. When a breach of personal information occurs, it can expose your organization to negative press attention, federal enforcement actions, lawsuits from customers whose information was compromised, and other legal actions. You may also be assessed sizable penalties if you fail to comply with the numerous, and sometimes contradictory, requirements of various regional laws governing data breaches. Costs incurred include the provision of fraud monitoring for 1 year or more and remediation services to consumers affected.

Take our security preview now

How Much Does a Data Leakage Cost You?

15% of documented data leakage incidents involve US Social Security numbers with the average cost of a data breach estimated at $188 per customer record in 2013. In 2014, the State of South Carolina revealed a massive breach of social security and credit card numbers. Source

In the News:

UNC Health Care Mistakenly Leaks Patient Forms to Outside Agencies -

21 Mar 2017
The breach is the apparent result of those clinics mailing the pregnancy home risk screening forms of Medicaid-ineligible patients to local health departments. Those forms list the social security numbers, home addresses and demographic information of ...

Sensitive Data Leaks from Sex Toy, Marketing Database and Security Clearance Applications - Nextgov

20 Mar 2017
Personally identifiable information exposed in data breaches usually refers to names, emails, credit card numbers or maybe Social Security numbers. By that bar, collecting information about the frequency of vibrator use would be extremely personal.

US military leak exposes 'holy grail' of security clearance files - ZDNet

13 Mar 2017
The files, reviewed by ZDNet, contained a range of personal information, such as names and addresses, ranks, and Social Security numbers of more than 4,000 officers. ... Nevertheless, this would be the second breach of military data in recent months.

More »