In late January, Germany’s Federal Office for Information Security, also known as BSI, revealed that the online accounts of 16 million Internet users have been accessed by hackers. BSI warned all affected by the data breach that they may be at risk of identity theft as a result of the data heist. The firm is believed to have set up a webpage where individuals can check if their information has been compromised.
This incident comes just days after a high profile data breach in which the South Korean Credit (KCB) rating bureau revealed a breach affecting 20 million personal details. The perpetrator, a temporary consultant working at KCB, is believed to have taken the confidential information and sold it onto phone marketing companies. The ex-employee as well as managers at the marketing companies that bought the database have been arrested. But there are fears that the information may have fallen into the hands of financial scammers.
South Korean regulators admitted that the stolen information from all three of the credit card companies was not encrypted. However after a major security firm were able to withdraw a government standard encryption algorithm back in September 2013 highlights the issue as to whether encryption is an adequate enough measure to keep personal data secure during its life and certainly questions it’s sustainability through life.
This incident highlights the risks of poor asset management security policies and procedures. According to Tabernus, companies are investing in through-life information security and asset management but very little attention is paid to end of life asset disposal process – an area that carries similar risks.
In today’s day and age it seems in the dawn of a new day a new data breach is rising resulting in millions of personal data being accessed and firms owing millions as a consequence. This scenario should not be seen as a common day to day incident but should be prevented and treated with extreme caution. Data breaches can bring an array of negative factors to a business ranging from financial loss to loss of brand reputation, these are just a few reasons to why firms need to ensure effective security polices and procedures are put in to place.