Charles Leaver – By Using Continuous Monitoring Experian Will Be Able To Learn From Past Errors

Written By Josh Applebaum And Presented By Charles Leaver Ziften CEO

Experian Need To Learn from Mistakes Of The Past And Implement A Constant Monitoring System

Working in the security industry, I’ve always felt my job was hard to explain to the average person. Over the last couple of years, that has actually altered. Regrettably, we are seeing a new data breach announced every couple of weeks, with much more that are kept private. These breaches are getting front page attention, and I can now discuss to my friends exactly what I do without losing them after a couple of sentences. However, I still question what it is we’re gaining from all of this. As it turns out, numerous companies are not learning from their own mistakes.

Experian, the global credit reporting company, is a company with a lot to learn. A number of months ago Experian revealed it had discovered its servers had actually been breached and that consumer data had actually been stolen. When Experian revealed the breach they assured customers that “our consumer credit database was not accessed in this breach, and no credit card or banking information was obtained.” Although Experian put in the time in their announcement to reassure their clients that their monetary info had not been stolen, they further elaborated on what data in fact was stolen: clients’ names, addresses, Social Security numbers, birth dates, driver’s license numbers, military ID numbers, passport numbers, and extra information utilized in T- Mobile’s own credit assessment. This is frightening for 2 reasons: the first is the type of data that was stolen; the second is the fact that this isn’t really the very first time this has actually occurred to Experian.

Although the cyber criminals didn’t walk away with “payment card or banking information” they did walk away with individual data that could be exploited to open brand-new charge card, banking, and other monetary accounts. This in itself is a factor the T-Mobile customers included should be concerned. However, all Experian clients ought to be a little anxious.

As it turns out, this isn’t the first time the Experian servers have actually been jeopardized by cyber attackers. In early 2014, T-Mobile had announced that a “reasonably small” number of their customers had their individual details stolen when Experian’s servers were breached. Brian Krebs has a really well-written post about how the hackers breached the Experian servers the very first time, so we won’t get into too much information here. In the very first breach of Experian’s servers, hackers had made use of a vulnerability in the organization’s support ticket system that was left exposed without initially requiring a user to validate before utilizing it. Now to the frightening part: although it has actually ended up being widely known that the cyber attackers made use of a vulnerability in the organization’s support ticket system to gain access, it wasn’t until right after the second hack that their support ticket system was shut down.

It would be hard to believe that it was a coincidence that Experian chose to take down their support ticket system mere weeks after they announced they had been breached. If this wasn’t a coincidence, then let’s ask: what did Experian learn from the first breach where customers got away with delicate customer data? Businesses who save their clients’ delicate info ought to be held responsible to not only secure their consumers’ data, but if also to guarantee that if breached they patch the holes that are discovered while investigating the attack.

When companies are examining a breach (or possible breach) it is essential that they have access to historic data so those investigating can try to piece back together the puzzle of how the attack unfolded. At Ziften, we provide a solution that enables our customers to have a continuous, real time view of everything that happens in their environment. In addition to providing real-time visibility for finding attacks as they happen, our constant monitoring solution records all historical data to enable clients to “rewind the tape” and piece together what had taken place in their environment, no matter how far back they need to look. With this new visibility, it is now possible to not only learn that a breach took place, but to also find out why a breach took place, and ideally learn from past errors to keep them from happening once again.