No Data is an Island: One Infosec Pro’s Experience As a Consumer Involved in a Data Breach

Share and earn Cybytes
Facebook Twitter LinkedIn Email

British Airways (BA) was hit by a major breach that resulted in a loss of customer records. I was notified promptly by BA. I thought their public response was timely. By the way, this breach was announced while I was about to board a BA flight to Heathrow. My credit card was used to purchase my tickets multiple times. My card was not impacted during my travel to the UK and subsequent dates before yesterday Oct. 1. 

Yesterday, I got a text from my credit card provider saying my card had been affected and requested I call them. Thinking this may be social engineering, I looked at the card and called the number on the back instead. As soon as I spoke to a person they simply said my card had been compromised. I kind of knew this was coming. Crypto much?

My credit card company took immediate action upon noticing strange behavior. They cancelled the card. No big deal. I am home until next week. My card is being sent and must be signed for. I have gotten text messages about its travel every step of the way. This is actually as great of a consumer experience as there could be given the circumstances. I lost no money. Fraud activity was detected immediately and I was notified as the consumer. Sept 5 to Oct. 1 is 24 days. 24 days or less for the attackers to use the data. That’s how volatile the data actually is. That’s a small window for the attackers to work within. If I factor in the size of the problem and how many attacks occur, I have to say, from a consumer response perspective, this is a pretty great response.

Putting my infosec hat back on for a second. A third-party noticed activity immediately based on correlated data from the breach and behavioral activity that occurred. The baseline deviated. They escalated an alert. The alert was triaged by a human. The human confirmed the alert and reached out to take response action. The third party then closed the account and issued a new one. If a program could do this with accounts alone in real time would be a huge advantage to the defenders. The stream of events and correlation allows for real-time response with high confidence actionable intelligence.

All things considered, while it’s concerning my data got breached, I feel that between my credit card company (and me) taking proactive steps such as: using separate passwords for sites, using one card for all travel purposes (limiting my risk to one card impacted), and understanding the realities of cybersecurity and eCommerce have helped to ease the pain greatly. While this might not be everyone’s experience with a breach, I wanted to take a minute to say that on this particular one, we seem to be doing a good job responding and I think we should take a minute to celebrate the wins as well.

The only way we win this is to pull together, share more and be less afraid to talk about what happened and get to the actual root causes. Unfortunately, it’s the price of doing business today. We still have lots of work to do. We need to continue to learn from processes like fraud detection and alert triage. No team is perfect and we all depend on someone else’s security program. Our data is everywhere. There is simply no way to partake in the modern business of being human without that. The interconnection of companies and humans is being used against us. We have made great strides in cooperation and sharing but more is needed. If one program fails, all of our programs fail. One attack against any of us should make all of us better. No data is in an island.

Let’s all get through this together.


The post No Data is an Island: One Infosec Pro’s Experience As a Consumer Involved in a Data Breach appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?