FDIC hit with more than 50 security breaches over two years

Picasa 3.0
The Federal Deposit Insurance Corp. (FDIC) is facing another wave of cybersecurity woes this week following a new report from the Office of Inspector General.
小到电话号码,大到银行卡号密码都属于个人隐私的范畴,如何有效地管理这类信息,是每个人必学的功课。

The report says the FDIC may have suffered more than 50 security breaches in 2015 and 2016 that compromised personal information on hundreds of thousands of US citizens.
What’s equally concerning is the FDIC’s seemingly lackluster response to some 54 suspected or confirmed breaches over those two years. The report concludes that the FDIC took an average of 288 days — or more than 9 months — to notify individuals potentially affected by the hacks.
Moreover, the FDIC apparently did not complete key breach investigation activities like impact and risk assessments in the timeframe required by the Data Breach Handling Guide (DBHG) — the breach response protocol that the FDIC itself set up.
The delayed response is problematic, according to the report, because “the longer it takes to complete breach investigation activities and notify potentially affected individuals, the greater the risk of harm that may come to individuals because they cannot quickly take proactive actions to protect themselves.”
For those who don’t know, the FDIC is a government corporation that insures deposits in US banks up to $250,000. The insurance scheme was set up to help prop up the banking industry in case of breaches, thefts, or banking failures.
The FDIC has been under fire for more than a year regarding a bevy of security incidents that were not reported to the proper congressional committees until months after they were discovered. At least seven of the incidents occurred when outgoing FDIC employees left the agency with downloaded files of personally identifiable information, including Social Security numbers and loan and banking information of US citizens.
中国企业试探海外,培养跨国人才,管控海外风险需高招:
what’s hot on zdnet
10 reasons the Galaxy Note 8 is better than the Google Pixel 2 XL for business
Uber app can silently record iPhone screens, researcher finds
Car infotainment is ‘too dangerous’ to use driving: So what’s riskier, voice or buttons?
One month with the Samsung Galaxy Note 8: The S Pen rises above all else
Could blockchain run a city state? Inside Dubai’s blockchain-powered future
互联网在网络安全上影响力还是非常大的,收购一些创新的安全小厂可以来扩大产品线和技能能力,以弥补安全产品线的不全。

猜您喜欢

《工业控制系统信息安全事件应急管理工作指南》解读
闲话保密委员会与信息安全委员会“两委”合一
Security-Frontline-安全前线
信息安全事件捂着盖着还是立即通报
UPCOMINGHORRORMOVIES MOVIE-TRAINS
安全意识宣传——如何选择安全的密码