When sensitive personal information is compromised in a data breach, organizations have a responsibility to help those impacted recover from the incident. These responses vary significantly, but they should foundationally include understanding what happens to personal information after it’s stolen. Personal data can be quickly bought and sold on the Dark Web, so hiring an expert MSP to monitor this environment is a staple of any comprehensive response that can begin restoring an organization’s reputation and protecting those affected.
A social planning service and a national clinical laboratory are just two recent examples of organizations working to mitigate a network security breach. Read their cyber stories as well as a few key network protection takeaways every company should consider.
Case Study 1
Threat Type: Unauthorized system access
Hackers were able to access Evite’s network, which allowed them to download an inactive data storage file containing the personal information of millions of customers. Despite being notified of the breach on April 15, the company is only now acknowledging it.
The company’s slow response time and lax security standards will now require it to incur the fees of third-party cybersecurity analysts as well as cascading reputational costs that are difficult to quantify and even more challenging to repair. The compromised information could include names, usernames, email addresses, dates of birth, phone numbers and mailing addresses. In the meantime, the company is encouraging users to reset their passwords, a modest first step for such a traumatic incident.
Case Study 2
Organization: Quest Diagnostics
Threat Type: Unauthorized network access
A collection firm partnering with Quest Diagnostics encountered a data breach that directly impacted nearly 12 million of the lab’s patients. In response, Quest is partnering with a third-party cybersecurity organization to ensure proper breach notification standards are followed.
The scope of this incident is astounding; it includes patient information, financial data and social security numbers, along with other medical data. While test results were not included in the breach, this extensive trove of valuable information can quickly make its way to the Dark Web.
Even though the event precipitated at a separate organization, Quest Diagnostics will bear the financial and reputational burden of a data breach compromising the most sensitive information in people’s lives – that related to their health.
Assess Your Risk, Partner with KLH
Instead of waiting for an IT disaster to strike, proactive business owners must implement comprehensive IT disaster plans to reduce, mitigate and plan for potential threats. You may be prepared to deal with extreme weather but, even in Minnesota, it is still more likely that everyday events, data breaches or human error will cause IT failure.
How strong are your IT security policies? Take time to read our blog, Why IT Policies & Standards Matter for Your Business.
Schedule an assessment or simply talk to one of our IT security professionals to learn more about how an even stronger technology plan will help you avoid an IT disaster. Click here or call us today at 952-258-8200.