CYBR650 – Week 9 Blog – Dooley
November 15, 2014
In this week’s homework, people were
mentioning the breach at the United States Postal Service. I hadn’t really watched the news all week and
didn’t know anything about what was going on.
So I looked into it a little more.
If you already know what is going on, I apologize for repeating
anything. If you are like me and haven’t
caught the news, here’s the scoop.
The USPS experienced a breach putting
the Personal Information of over 800,000 people, including employees, top
Directors, retirees and regulator’s PI.
The breach may have compromised their names, addresses and Social
Security numbers. It is also possible
that an unknown number of customers may also have been affected, but not to the
same degree as the other victims.
So far there is no evidence of
malicious activity of the compromised data but the USPS claims to be taking
steps to assist their employees protect themselves against any potential misuse
of their data. The USPS also claims that
they have “significantly strengthened its systems to prevent future attacks”. (Stevens,
2014)
The Postal
Service further reports that their payment systems, both online and at the
physical post offices were not compromised, nor were any customer credit and debit
card information affected. However, is
possible that any customers that called into the customer-care center of the
USPS between January 1, 2014, and August 16, 2014, may have had less serious PI
such as their names, address, phone numbers, and e-mail addresses may have been
compromised.
The USPS first
became aware of suspicious activity in mid-September and they believe that the
hackers breached their systems some time after that. The USPS reports that at that time, they took
immediat action, including having experts investigage and stop the breach. They report that they are just now reproting
this breach to the public because had they revealed it earlier, it could have
put the efforts to minimize the breach at stake.
While the
source of the attack is not yet known, it is felt that it is pretty obvious
that the breach was done by a sophisticated person or group. In fact, they report that the attack is very
similar to attacks seen at other government agencies annd large corporations. Investigators feel that are some ties in this
breach that are similar to an attack on the White House in late October and
that evidence points to China as being behind the breach. In fact, the Washington Post reported.
The piece I
was reading then went onto to discuss other major breaches that have been
reported in the recent past.
It kind of
surprises me that these big corporations continue to experience these
breaches. You think after a couple of the them experienced huge breaches, they
would start to strengthen their networks and provide more protection. However, I realize it is wrong of me to
assume they are not doing this as it is very possible for hackers to be a step
ahead of everything, but it is just curious that the same types of attacks keep
occuring.
REFERENCES
Stevens, L. a. (2014, November
10). U.S. Postal Service Says It Was Victim of Data Breach - The Wall Street
Journal. Retrieved from wsj.com: http://online.wsj.com/articles/u-s-postal-service-says-it-was-victim-of-data-breach-1415632126
No comments:
Post a Comment