Written By Josh Applebaum And Presented By Charles Leaver Ziften CEO
Experian Have to Learn from Mistakes Of The Past And Implement A Continuous Monitoring Service
Working in the security sector, I have actually constantly felt my work was hard to explain to the average individual. Over the last few years, that has actually altered. Regrettably, we are seeing a new data breach revealed every few weeks, with many more that are kept private. These breaches are getting front page headlines, and I can now discuss to my friends what I do without losing them after a few sentences. However, I still question what it is we’re learning from all of this. As it ends up, numerous companies are not learning from their own errors.
Experian, the global credit reporting company, is a company with a lot to learn. Several months ago Experian announced it had discovered its servers had actually been breached and consumer data had been taken. When Experian revealed the breach they reassured clients that “our consumer credit database was not accessed in this event, and no credit card or banking info was taken.” Although Experian took the time in their announcement to assure their customers that their financial information had not been stolen, they further elaborated on what data in fact was taken: consumers’ names, addresses, Social Security numbers, birth dates, driver’s license numbers, military ID numbers, passport numbers, and additional information used in T- Mobile’s own credit assessment. This is scary for two reasons: the first is the type of data that was taken; the 2nd is the fact that this isn’t really the first time this has actually happened to Experian.
Although the cyber criminals didn’t walk away with “payment card or banking details” they did walk away with personal data that could be exploited to open brand-new charge card, banking, and other monetary accounts. This in itself is a reason the T-Mobile clients included need to be nervous. However, all Experian customers ought to be a little anxious.
As it ends up, this isn’t really the very first time the Experian servers have actually been jeopardized by hackers. In early 2014, T-Mobile had announced that a “relatively small” number of their customers had their personal details taken when Experian’s servers were breached. Brian Krebs has a very well-written blog post about how the hackers breached the Experian servers the very first time, so we will not enter into too much information here. In the first breach of Experian’s servers, hackers had exploited a vulnerability in the organization’s support ticket system that was left exposed without initially needing a user to confirm before using it. Now to the scary part: although it has actually ended up being widely understood that the cyber attackers made use of a vulnerability in the organization’s support ticket system to get access, it wasn’t until soon after the second hack that their support ticket system was closed down.
It would be difficult to imagine that it was a coincidence that Experian chose to take down their support ticket system just weeks after they revealed they had actually been breached. If this wasn’t a coincidence, then let’s ask: exactly what did Experian find out from the very first breach where consumers got away with delicate customer data? Companies who save their customers’ delicate details must be held accountable to not just protect their consumers’ data, but if likewise to make sure that if breached they patch the holes that are found while investigating the attack.
When companies are examining a breach (or possible breach) it is imperative that they have access to historical data so those investigating can aim to piece back together the puzzle of how the cyber attack unfolded. At Ziften, we offer a service that enables our clients to have a continuous, real time view of the whole picture that takes place in their environment. In addition to providing real-time visibility for finding attacks as they take place, our constant monitoring solution records all historical data to enable clients to “rewind the tape” and piece together what had actually occurred in their environment, no matter how far back they have to look. With this brand-new visibility, it is now possible to not only discover that a breach took place, but to also find out why a breach occurred, and hopefully learn from past errors to keep them from occurring once again.