FDIC hit with more than 50 security breaches over two years

The Federal Deposit Insurance Corp. (FDIC) is facing another wave of cybersecurity woes this week following a new report from the Office of Inspector General.
The report says the FDIC may have suffered more than 50 security breaches in 2015 and 2016 that compromised personal information on hundreds of thousands of US citizens.
What’s equally concerning is the FDIC’s seemingly lackluster response to some 54 suspected or confirmed breaches over those two years. The report concludes that the FDIC took an average of 288 days — or more than 9 months — to notify individuals potentially affected by the hacks.
Moreover, the FDIC apparently did not complete key breach investigation activities like impact and risk assessments in the timeframe required by the Data Breach Handling Guide (DBHG) — the breach response protocol that the FDIC itself set up.
The delayed response is problematic, according to the report, because “the longer it takes to complete breach investigation activities and notify potentially affected individuals, the greater the risk of harm that may come to individuals because they cannot quickly take proactive actions to protect themselves.”
For those who don’t know, the FDIC is a government corporation that insures deposits in US banks up to $250,000. The insurance scheme was set up to help prop up the banking industry in case of breaches, thefts, or banking failures.
The FDIC has been under fire for more than a year regarding a bevy of security incidents that were not reported to the proper congressional committees until months after they were discovered. At least seven of the incidents occurred when outgoing FDIC employees left the agency with downloaded files of personally identifiable information, including Social Security numbers and loan and banking information of US citizens.