Written By Josh Applebaum And Presented By Charles Leaver Ziften CEO
Experian Have to Learn from Past Errors And Implement A Constant Monitoring Solution
Operating in the security industry, I have actually constantly felt my job was hard to explain to the average individual. Over the last couple of years, that has actually changed. Regrettably, we are seeing a new data breach revealed every couple of weeks, with a lot more that are kept secret. These breaches are getting front page attention, and I can now explain to my friends exactly what I do without losing them after a couple of sentences. However, I still question what it is we’re learning from all this. As it ends up, numerous businesses are not learning from their own mistakes.
Experian, the worldwide credit reporting company, is a business with a lot to learn. A number of months ago Experian revealed it had discovered its servers had actually been breached and that consumer data had actually been stolen. When Experian announced the breach they reassured clients that “our consumer credit database was not accessed in this breach, and no payment card or banking information was acquired.” Although Experian made the effort in their announcement to assure their customers that their monetary details had not been taken, they further elaborated on what data in fact was taken: consumers’ names, addresses, Social Security numbers, date of birth, driver’s license numbers, military ID numbers, passport numbers, and additional details used in T- Mobile’s own credit evaluation. This is scary for 2 reasons: the first is the kind of data that was stolen; the second is the fact that this isn’t really the very first time this has taken place to Experian.
Although the hackers didn’t leave with “payment card or banking info” they did walk away with personal data that could be exploited to open new credit card, banking, and other monetary accounts. This in itself is a factor the T-Mobile consumers included ought to be nervous. However, all Experian consumers must be a little nervous.
As it ends up, this isn’t the first time the Experian servers have actually been compromised by hackers. In early 2014, T-Mobile had revealed that a “relatively small” number of their consumers had their individual info taken when Experian’s servers were breached. Brian Krebs has a really well-written blog post about how the hackers breached the Experian servers the first time, so we won’t enter into excessive detail here. In the very first breach of Experian’s servers, hackers had exploited a vulnerability in the organization’s support ticket system that was left exposed without first needing a user to confirm before using it. Now to the frightening part: although it has become extensively known that the cyber attackers utilized a vulnerability in the company’s support ticket system to get access, it wasn’t till right after the 2nd hack that their support ticket system was closed down.
It would be hard to believe that it was a coincidence that Experian decided to take down their support ticket system just weeks after they announced they had actually been breached. If this wasn’t a coincidence, then let’s ask: what did Experian find out from the very first breach where consumers got away with sensitive client data? Businesses who save their clients’ delicate details need to be held accountable to not only protect their clients’ data, however if also to make sure that if breached they patch the holes that are found while investigating the attack.
When businesses are examining a breach (or prospective breach) it is crucial that they have access to historic data so those investigating can try to piece back together the puzzle of how the cyber attack unfolded. At Ziften, we provide a solution that enables our consumers to have a continuous, real-time view of the whole picture that takes place in their environment. In addition to offering real time visibility for identifying attacks as they happen, our constant monitoring system records all historical data to allow consumers to “rewind the tape” and piece together what had actually happened in their environment, regardless of how far back they need to look. With this new visibility, it is now possible to not just find out that a breach happened, but to likewise find out why a breach happened, and ideally learn from previous errors to keep them from taking place again.