Reply with 150-250 words
Capital One Bank reported a data breach on July 19, 2019 which affected an estimated 100 million people in the United States and another 6 million customers in Canada. According to a USA Today article, White, W. (2019, July 30) USA Today Retrieved from https://www.usatoday.com/story/money/2019/07/29 on October 14, This data breach was conducted by a “former software engineer who was accused of stealing data” ……..in what is considered “to be one of the top 10 largest data breaches ever.” Data involved in this data breach included “social security numbers, names, addresses, phone numbers, date of births” etc.
It is my opinion, no one will ever know the financial loss of such a data breach which is why financial institutions should have a cyber insurance policy in place. In addition to the costs of the actual data breach there are other associated costs that will include forensics investigators, downtime, staff overtime, additional staff and that doesn’t include the reputational loss costs. When I worked for the bank one of the things, we used to say is customers are not loyal when it comes to the security and safety of their money. I used to say, “one and done” meaning if the bank is ever impacted by a data breach there will be huge reputational risk implications. I used to say also it’s not a matter of “if” the Bank was going to experience a data breach it’s more a matter of “if , when and how much data” are the attackers going to get which is why we had multiple layers of controls in place hoping to minimize the impact of a data breach.
From my research of this data breach it appears that Capital One staff did everything they should have done. I can’t think of anything else I could add. They determined what caused the breach, they notified the FBI and then they notified the public in the required amount of time. They then went into damage control and offered impacted customers identity theft insurance for a certain time period.
In my opinion, non-public personal information such as social security numbers, name, address, date of birth, account numbers and transactional data should not be in the cloud. Another point I’d like to make is when considering storing data in the cloud one needs to determine where the actual servers are located. Are they located in the United States or offshore? My thoughts regarding preventing cyber attacks are all related to hardening the system through access controls within an organization and it all starts with information assurance training for the end user and access control. It would appear to me that maybe the Capital One data breach could have been prevented if the hacker did not have a back door into the system which relates to access control. I do not know for sure what happened but that is just an educated guess.
White, July 30, 2019, Capital one data breach 2019: 13 things for customers to know, usatoday, https://www.usatoday.com/story/money/2019/07/29
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more