In this lesson I'll discuss how data breaches are exposed. This is going to be the video for your project for this course. So by the end of the video, I want you to be able to describe how data breaches are exposed and understand how to look at data breaches in order to determine what happened. Data breaches are exposed every day. There are many different ways that information comes out. We could have a watchdog agency. Not agencies in general but, like Wikileaks, for example, is a great way that information is exposed. Law enforcement quite often exposes this. FBI, if you're in the United States, the FBI exposes a lot of data breaches. Additionally, the Secret Service deals with data breaches as well. It's not just an arm of the White House, it's actually an arm of computer fraud and investigation. And then the company themselves also have say that, well, I had a data breach, I'm going to tell you about it. The initial discovery usually happens by employees of a company. That's about 50% of the time, according to some figures. Other times, it's law enforcement, like the Secret Service or like the other government agencies out there. Sometimes it is from the customers themselves. Noticing specific data is either missing from their account or has been access when they didn't mean to access it, or they want the ones accessing it. And some are by service providers themselves. We have to look at what's been compromised overall in order to understand the data breach. Quite a bit of the time, we see financial data being leaked, or financial data being used in certain places that it shouldn't. So what happens, when law enforcement starts to receive reports, they put all these, they correlate all these events together, and say okay, this credit card was breached here, and this credit card was breached here. And here's another coincidence, and here's another coincidence, but they all actually shopped at the same location on the same day. So we probably have an issue there. Social security numbers, fraud for example. There are ways to look at how fraud is happening. Such as there are plenty of, LifeLock for example, or there's some other companies out there like All Clear. ID does this kind of stuff. And they're looking at where social security numbers are being used or who's being offered credit, for example, to start pinpointing where data breaches might have been happening. We also could see usernames or passwords dumped out on the Internet. And then of course healthcare data. We could see healthcare data showing up online as well. And that indicates that there's been a data breach somewhere. So the exposure is happening either very privately and being used in several different places. Because its been sold or it's being made public. So let's talk about one of the larger data breaches that's more recent. Back in 2013, Target the corporation was breached. Attackers have performed a lot of reconnaissance prior to the attack. They looked up information on Target's vendors. And then the attackers actually breached one of the providers of services to target. In this case, it was a refrigeration equipment company that had back doors or actually access into their systems. So, what the attackers did is they targeted the refrigeration company And send fishing emails to gain access to the third party provider systems. And then they use that information obtained from the third party providers to get into the more sensitive area of Target's network. And once they started infiltrating other servers and other services, they started, the data breach got larger and larger and larger. And finally, once all the pieces came together, the attack started. Then they, on, well on November 27, 2013, the attackers finally crafted the credit card stealing information from the point of sale terminals, or the POS systems, to start stealing credit card information from all the terminals. Employees were actually notified by the Justice Department, and employees notified back to the Justice Department around December 13th. So that was two weeks. And in the United States, that was Black Friday, with the largest shopping day of the year. By December 15, the attack was mitigated. So here's what I want you to do for your project. I want you to look at data breaches, such as, the Target data breach. And I have a great web site out there, it's called privacyights.org. And what that does is, it's a real clearing house for all the data breaches that are happening out there, and it dates back years. But what I want you to do is look at the data breaches across three different types of areas. And I want you to dig in and investigate what happened. And based on the criteria that's listed in Coursera under the project. I want you to cover each of the areas and understand, here is how the attack actually happened. Here was the threats. Here was the mitigation strategy. But since this course is really focused on the threats. I want as specifically in the Target data breach, the threat came in from an external provider. That had credentials into Target's systems. So, least privileged, in this case, broke down, it was a threat. So, as you're going through these data breaches, keep in mind, specifically, the threats.
