Find one concrete example of “bad behavior” in the online space. In your blog post for this week, briefly summarize what happened…
Who was involved, and what was the outcome?
Experian is a data managing system that connects consumers to banks, businesses, and investors. Experian experienced a hack in October 2013 that resulted in the leak of 200 million personal records of users. The leak included sensitive information like names, addresses, social security numbers, driver’s licenses, and dates of birth. According to Experian, it was targeted against those who applied for financing through T-Mobile from 2013 through 2015, affecting over 15 million users.
Was there financial loss or damage to someone’s reputation?
This affected the reputation of Experian and all the users whose personal information got leaked as they were left vulnerable to identity theft. This has led to numerous privacy concerns, with those who use Experian questioning the validity of the security measures they have in place. There have been multiple hacks of the Experian servers in recent years and many users experienced identity theft because of the information that had been leaked. The results of identity theft can be disastrous to anyone’s life.
Were the criminals held accountable?
The criminals responsible for the breach were not found or punished. Nevertheless, Experian assured the public that law enforcement had been notified and was looking into the matter. As it was a remote hack connected to T-Mobile’s servers and they didn’t become aware of the breach for two years it was virtually impossible to track down the perpetrators.
What practical lessons can we learn as a result of this example (i.e., what will you do to avoid being similarly victimized?)
Something we can do to avoid a similar issue is to check the security measures of the sites we give our private information. By double-checking this, we can better ensure the security and privacy of our important information. There is also something a company like Experian could have done to better protect the information entrusted to them like hiring a group of “white hats” that would attempt to break into their system and alert them of any holes or vulnerabilities. Some things to be wary of and stay better protected from are social engineering attempts, unreliable websites, strange USBs, and unprotected internet connections. Some active steps you can use are VPNs, strong passwords, and trusted data-managing systems.
https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/
https://krebsonsecurity.com/2015/10/experian-breach-affects-15-million-consumers/