The Rippleshot Data Breach Blog

Data Breach Ripples: Week of May 29

Written by Zach Walker | May 29, 2015 6:00:00 PM

In this week's issue: the IRS data hack appears to be linked back to Russia, North Dakota amends its state data breach law, six deadly data breach prevention sins for financial institutions, the average cost of a data breach rises to $3.8 million and we take a look at how many personal records have been exposed in 2015 due to data breaches.

CNN: U.S. IRS DATA BREACH TRACKED BACK TO RUSSIA

Early this week, the U.S. Internal Revenue Service (IRS) announced that an unknown number of cybercriminals gained access to the 2014 tax returns of more than 100,000 taxpayers. According to the IRS, the tax returns were accessed via the agency’s “Get Transcript” feature, where detailed tax return information was saved for later access.

On Wednesday, CNN reported that sources close to the investigation believe the data theft initially originated in Russia. As the investigation continues, the Senate Finance Committee, which presides over the IRS, will begin a hearing next Tuesday on the data theft.

NORTH DAKOTA DATA BREACH NOTIFICATION LAW AMENDED

On August 1, 2015, North Dakota will become the latest state to update its data breach notification law. North Dakota Governor Jack Dalrymple signed Senate Bill No. 2214, an amendment to the current law, which would widen the scope of businesses that must report a data breach. Originally, only those who conduct business in North Dakota are subject to the data breach notification law.

After August 1, “any person that owns or licenses computerized data that includes personal information, shall disclose any breach of the system following discovery.” As more states continue to amend their respective data breach notification laws, the Senate Consumer Protection & Data Security Subcommittee is making sure that we as a country get data breach and notification legislation right. 

SIX DEADLY DATA BREACH PREVENTION SINS

Since 2013, over 3 billion records across the globe have been lost or stolen due to data breaches. In the upcoming issue of Credit Union Times, CU Times covers the top cybersecurity sins that could interfere with a financial institution’s data breach prevention plans. Get a sneak peak at six deadly data breach prevention sins, ranging from password strength, IT security and insider threats. In order to best combat future security incidents, organizations need a security plan that implements both prevention and detection solutions. 

COST OF A DATA BREACH INCREASES TO AVERAGE OF $3.8 MILLION

When the 2014 Cost of Data Breach Study: Global Analysis was released by the Ponemon Institute, the average cost of a data breach to a company was $3.5 million, up 15 percent compared to last year. On Wednesday, IBM and the Ponemon Institute released a new study with updated figures on the rising cost of a data breach for organizations of any size.

The total average cost of a data breach for a company is now up to $3.8 million, with the cost of each record lost or stolen costing $154 per record. It’s worth noting that the authors of this study mentioned that these average costs did not apply to the catastrophic data breaches that affected Anthem, Home Depot, JPMorgan Chase and Target.

RIPPLESHOT CONTENT: HOW MANY PERSONAL RECORDS HAVE BEEN EXPOSED IN 2015?

This week, we recap three of the largest data breaches to affect U.S. consumers in 2015. With over 102 million records exposed in 2015 alone, data breaches have severely impacted the payments industry. In 2015, we’ve seen organizations from a variety of industries fall victim to a data breach, ranging from Sally Beauty Holdings, Uber, Auburn University and Anthem Inc.

As of May 26, 2015, our friends at the Identity Theft Resource Center (ITRC) have identified 315 public data breaches for 2015. Out of the 102 million-plus records exposed, 98 percent of said records were exposed in three data breaches. Click here to see which catastrophic data breaches.

SHARING IS CARING. TO GET YOUR FRIENDS AND COWORKERS SUBSCRIBED, SEND THEM HERE.