As Identity Theft Awareness Week continues, we need to consider the source and root of identity theft incidents. Those who perpetrate identity theft schemes are often second (or third)-hand users of the identity data. The chain begins with either the organization that leaks the data or the criminal that illegally removes the data from its source.
This case has been proven today with the release of news that a US Navy couple used both their own credentials and the falsified credentials of other US Navy staff to access personal information on over 9,000 individuals from a database. Once accessed, the personal data was not used for the couple’s own benefit, but rather sold to others in exchange for Bitcoin payments. While their attorney claims that the database access was ‘clearly in their scope of work,’ it’s quite obvious that the US Navy and the database owners were not intending the scope of work to include the sale of personal data.
We see this type of infringement often in both the public and private sectors. It can range from difficult to nearly impossible to track a privileged and authorized user’s access and handling of sensitive information with “traditional” monitoring tools that can not follow the data’s path and audit ihow it is handled. This is especially true when the data moves off-network or the theft takes place offsite.
Don’t let your organization be the weak link in the identity theft chain. Make sure you have tools at your disposal that can alert you when authorized users are mishandling data or a careless data breach is about to occur.