During the last couple of class meetings, we have discussed theft of personally identifiable information and the potential or actual costs to the person whose information has been stolen. There have been a staggering number of data breaches reported by corporations, non-profits, and government entities over the past decade. (Wikipedia lists more than 200 such breaches in the recent past.)
In many of these cases, it is unclear what has been done with the thousands or millions of records stolen. Furthermore, connections between the breach and any resulting financial consequences are often not discussed in the initial media reports. Victimized firms often fail to publicize the thefts for months or years, perhaps due to embarrassment or fear of legal action.
For this assignment, I would like you to identify one such data breach that has occurred within the past 10 years (what). Please provide some background information (when and where), the details of the breach (how), and the identity of the perpetrator, if known (who). It is important to choose an incident for which at least some of the costs have been determined.
Two additional aspects of the breach and its impacts are important for you to explore (why). Please report any estimates of the total economic loss incurred as a part of the incident, including any expenditures by the victimized firm to compensate individuals and/or to prevent recurrence. Finally, please comment on what you believe to be the motive for the data breach, especially if the costs seem low in proportion to the amount of data stolen.