DATA BREACH SIMULATION TRAINING JANUARY 12, 2017


A new kind of ransomware comes with its own "referrals" program, one that you probably wouldn't want to join. The malware dubbed "Popcorn Time" locks your Windows computer's files with strong AES-256 encryption, until you pay a ransom of one bitcoin (or $780 at the time of writing). But this ransomware comes with a twist. The lock screen will let victims unlock their files the "nasty way" by sharing a link with two other people -- presumably ones the victim doesn't like. If they become infected and pay, then the original victim will receive a free decryption key. Otherwise, infected users have seven days to pay the bitcoin ransom to an anonymous wallet.

Steve Ragan | December 13, 2016

“The “Gooligan” hackers infected 13,000 phones on average each day.” Robert Hackett Updated: Nov 30, 2016

Defenseless against Hackers… 11/18/2016 - In late September, Springfield Armory received a report from a payment card network that it had noticed a pattern of unauthorized charges occurring on payment cards after they were used to make a purchase on its website. Following an investigation by the Company, it was determined that an unauthorized person gained access to the web server and installed code that was designed to copy information entered during the checkout process. Such information included order ID, name, address, email address, phone number, payment card number, expiration date and card security code, from orders placed between October 3, 2015 and October 9, 2016…

Don't click! Lawyers get fake emails about a complaint; hyperlink installs malicious software By Debra Cassens Weiss Posted Dec 05, 2016 Officials in multiple states are warning that emails inviting lawyers to click on a hyperlink to view a complaint will open a website that installs malicious software on the lawyer’s computer, if the link is clicked. Officials in New York, Texas, Pennsylvania, Maryland and Florida are among those warning about the scam. Lawyers who received such an email should delete it immediately and should not click on the link, according to a press release by New York Attorney General Eric Schneiderman. Schneiderman’s press release and the Texas Bar Blog provide an example of one of the phishing emails. The “from” header lists “The Office of the State Attorney at com.department@outlook.com.” The subject lists “The Office of the State Attorney Complaint.” “Dear bar member,” the email begins. “A complaint has been filed against your business. Enclosed is a copy of the complaint which requires your response. You have 10 days to file a rebuttal if you so desire. You may view the complaint at the link below.”

The ITRC defines a data breach as an incident in which an individual name plus a Social Security number, driver’s license number, medical record or financial record (credit/debit cards included) is potentially put at risk because of exposure. This exposure can occur either electronically or in paper format. The ITRC will also capture breaches that do not, by the nature of the incident, trigger data breach notification laws. Generally, these breaches consist of the exposure of user names, emails and passwords without involving sensitive personal identifying information. These breach incidents will be included by name but without the total number of records exposed. There are currently two ITRC breach reports which are updated and posted on-line on a weekly basis. The ITRC Breach Report presents detailed information about data exposure events along with running totals for a specific year. Breaches are broken down into five categories, as follows: business, banking/credit/financial, educational, Government/Military and medical/healthcare. The ITRC Breach Stats Report provides a summary of this information by category. Other more detailed reports may be generated on a quarterly basis or as dictated by trends. It should be noted that data breaches are not all alike. Security breaches can be broken down into a number of additional sub-categories by what happened and what information (data) was exposed. What they all have in common is they usually contain personal identifying information (PII) in a format easily read by thieves, in other words, not encrypted. The ITRC currently tracks seven categories of data loss methods: Insider Theft, Hacking/Skimming/Phishing, Data on the Move, Subcontractor/Third Party/BA, Employee error/Negligence/Improper disposal/Lost, Accidental web/Internet Exposure and Physical Theft. In some cases, there may be more than one category checked.
For example, in the case of employee error which occurred with the Subcontractor

Trouble in Paradise? Customers’ Payment Information Compromised … On November 23, 2016, Atlantis, Paradise Island (the “Resort”) confirmed that malware on its computer systems may have captured customers’ data (e.g. the card number, expiration date, CVV and in some instances, cardholder name). Following reports of unusual activity from its credit card processor, the Resort engaged a cybersecurity firm and discovered suspicious files on its computer systems that indicated a potential compromise of customers’ data for some credit and debit cards used at food and beverage and retail locations at the resort between March 9, 2016 and October 22, 2016…

France passes bill allowing class actions for data protection violations

German company fined for DPO conflict of interest

U.S. indicts three Romanians over $4 million cyber fraud By Nate Raymond | Sat Dec 17, 2016

German privacy authorities launch coordinated audit of international data transfers Ten German data protection authorities (“DPAs”) will conduct a coordinated audit of cross-border data transfers at 500 randomly selected German companies. The audit was announced by the Data Protection Authorities of Bavaria and Berlin on behalf of other DPAs on 3 November 2016. The audit is aimed at raising awareness among the companies on the outbound transfers of personal data they process and data processing operations outside the European Economic Area. This includes intra-group data transfers, cloud solutions and any other transfers to third parties. The audit results can lead to a more thorough investigation and enforcement actions by the DPAs.

Thank You