Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How to protect your company from an eBay-like breach

Antone Gonsalves | May 22, 2014
The eBay database breach that led to the theft of customers' passwords and personal information started with the compromise of employee login credentials, a reminder that companies should check the safeguards in place for protecting such critical information.

"You should see the services people are using and establish baselines and patterns around that, so you can tell what's normal and what's not," Sander said.

The fact that eBay did not discover the breach for roughly two months points to another common problem. Companies often do not know they've been compromised for weeks after the breach.

A study of 691 data breaches over the last year found that the median time between intrusion and detection was roughly three months, according to security vendor Trustwave. The median time between discovery and containment was seven days.

EBay is the latest of several companies that have suffered high-profile breaches recently. Others include retailers Target and Neiman Marcus.

Experts have said that the Target breach, which resulted in the theft of millions of credit-card numbers, could end up costing the company more than $1 billion.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.