Daily Archives: January 29, 2016

Charles Leaver – In Order To Learn From Their Previous Errors Experian Need To Use Continuous Monitoring

Published by:

Written By Josh Applebaum And Presented By Charles Leaver Ziften CEO

Experian Need To Learn from Past Errors And Implement A Continuous Monitoring Solution

Operating in the security sector, I’ve always felt my job was hard to explain to the typical individual. Over the last couple of years, that has actually changed. Regrettably, we are seeing a brand-new data breach announced every few weeks, with much more that are kept secret. These breaches are getting front page headlines, and I can now discuss to my friends exactly what I do without losing them after a few sentences. Nevertheless, I still question what it is we’re learning from all of this. As it turns out, many businesses are not learning from their own errors.

Experian, the worldwide credit reporting firm, is a business with a lot to learn. A number of months ago Experian announced it had actually found its servers had actually been breached and that client data had been taken. When Experian revealed the breach they reassured consumers that “our consumer credit database was not accessed in this incident, and no credit card or banking info was taken.” Although Experian made the effort in their announcement to assure their consumers that their financial details had not been taken, they elaborated further on what data actually was stolen: clients’ names, addresses, Social Security numbers, birth dates, driver’s license numbers, military ID numbers, passport numbers, and additional information utilized in T- Mobile’s own credit evaluation. This is scary for two reasons: the very first is the kind of data that was taken; the 2nd is the fact that this isn’t the very first time this has actually taken place to Experian.

Although the hackers didn’t leave with “payment card or banking details” they did walk away with personal data that could be exploited to open new credit card, banking, and other financial accounts. This in itself is a factor the T-Mobile consumers included ought to be nervous. However, all Experian consumers ought to be a little worried.

As it ends up, this isn’t really the very first time the Experian servers have been jeopardized by hackers. In early 2014, T-Mobile had actually announced that a “reasonably small” number of their customers had their personal details taken when Experian’s servers were breached. Brian Krebs has an extremely well-written blog post about how the hackers breached the Experian servers the first time, so we won’t enter into excessive information here. In the very first breach of Experian’s servers, hackers had exploited a vulnerability in the organization’s support ticket system that was left exposed without initially needing a user to confirm before utilizing it. Now to the scary part: although it has actually become widely understood that the hackers made use of a vulnerability in the company’s support ticket system to provide access, it wasn’t up until not long after the 2nd hack that their support ticket system was shut down.

It would be difficult to imagine that it was a coincidence that Experian chose to close down their support ticket system mere weeks after they announced they had been breached. If this wasn’t a coincidence, then let’s ask: exactly what did Experian find out from the first breach where consumers got away with sensitive client data? Companies who save their clients’ delicate info must be held accountable to not just protect their consumers’ data, but if likewise to make sure that if breached they plug up the holes that are discovered while examining the attack.

When businesses are investigating a breach (or possible breach) it is important that they have access to historical data so those investigating can attempt to piece back together the puzzle of how the cyber attack unfolded. At Ziften, we offer a solution that permits our customers to have a continuous, real-time view of the whole picture that occurs in their environment. In addition to supplying real-time visibility for identifying attacks as they happen, our constant monitoring system records all historic data to enable customers to “rewind the tape” and piece together what had taken place in their environment, despite how far back they have to look. With this new visibility, it is now possible to not only discover that a breach occurred, but to likewise discover why a breach occurred, and hopefully learn from past errors to keep them from happening again.