Lost in investigation pt.1

Alex Parfentiev
2 min readFeb 8, 2022

--

Investigation shouldn’t be postponed, especially when it’s hindered by third parties. Just think of how often we encounter a data breach which became known for months ago but the actual scale of the devastative impact was measured only after all other incident mitigation steps were implemented. The most important details remain undetected as it is mistakenly considered that investigation is the most time-consuming stage and should come as a wrap-up of any data breach reaction strategy.

Here are some most recent incidents which took some time to receive an insight into them.

Nine Radio got its payroll data compromised in a hacker’s attack on Frontier Software back in 2021, but the impact on the organisation has been announced only now.

500 employees were brought into the data incident having their payroll details appropriated.
The personal data didn’t seem to be a target, but the investigation revealed that 498 current and ex-staffers could have had their data, which belongs to the period of May 2016, stolen.
There have been names, addresses, phone numbers, tax file numbers, salaries and payroll IDs in the information which got away.

Rhode Island Public Transit Association announced that 17,000 (or, according to the recent news, 22,000) individuals got their information exposed in a massive cybersecurity breach which occurred in December.
State employees as well as state-affiliated employees who had taken up the state’s health plan were affected.
The source of the issue dates back to August 2020, when an employee who was engaged into payroll work downloaded a file for paying monthly claims but never deleted it letting it stay on the desktop. The hackers discovered the file comprising sensitive personal and health data and had no problem stealing it after they had unlocked the RIPTA system.

The pharma sector, including the most prominent pharma companies listed among Fortune Global 500, was rendered vulnerable to multiple information security incidents.
According to Constella Intelligence, states that executives and employees are the primary target in these organisations, as 58% of CEOs got their data involved into a data breach between 2018–2021.In total, about over 4,500,000 records were found in the open. The leaked information contained addresses, credentials, phones as well as credit card details and other banking data belonging to individuals working for the affected companies. The situation is alarming as far as nearly 60% of data breaches and 76% of all the impacted records have happened since 2020.

--

--

Alex Parfentiev

Leading Analyst at https://searchinform.com/, I’m here to address those human factor risks many businesses often neglect or aren’t even aware of