Crime and Security
(1) Data Breach
(i) Write case study analysis of the following two data breaches.
a. The Target Breach, 2013 [1-5]
b. The Home Depot Breach, 2014 [6-9]
c. The Equifax Breach, 2017 [10-13]
(ii) Consider the target breach, what mistakes, if any, did each of the following people make and what was their level of responsibility?
a. The Fazio Mechanical employee who received the phishing email
b. The system administrator at Fazio Mechanical
c. The Fazio Mechanical website developer
d. The developer of Target's electronic billing system
e. The developer of Target's contact submission system
f. Target system and network administrators
g. Target cashiers
h. Target executives
i. Shoppers using credit cards at the Target in 2013.
(iii) "Ever since the Target data breach was disclosed by Brian Krebs on December 18,2013, occurrences of similar retail data breaches have been on the rise. Until the Home Depot data breach, the Target breach was the largest retail breach in U.S. history." - Bloomberg, 2014.
(a) Can you suggest some better ways to take card payments to protect data and prevent such breaches?
(b) Other than improving the payment mechanism, provide a list of other countermeasures that these retail stores can take to prevent data breaches in future.
(iv) What are the steps the affected people can take to help protect their information from being misused after such a massive data breach of Equifax?