Capital One: An Expensive Lesson to Learn
As part of their business practices, organizations are uploading private customer information to the cloud. However, just focusing on how secure the data is and not thinking about privacy is a mistake.
Capital One’s recent data breach proves that organizations need to be more conscious and proactive about their data protection efforts to prevent potential privacy exposure risks. Organizations have the obligation to ensure their customers’ data is fully privacy-protected before it is uploaded to the cloud. This doesn’t just mean eliminating or encrypting client names, ID’s, etc. It also entails understanding the risks of re-identification and applying as many privacy-protecting techniques as needed.
Capital One’s USD$150 Million Mistake
This month, one of the United States’ largest credit card issuers, Capital One, publicly disclosed a massive data breach affecting over 106 million people. Full names, addresses, postal codes, phone numbers, email addresses, dates of birth, SINs/SSNs, credit scores, bank balances and, income amounts were compromised (Source).
Former AWS systems engineer, Paige Thompson, was arrested for computer fraud and abuse, as a result of obtaining unauthorized access to Capital One customer data and credit card applications (Source). “Thompson accessed the Capital One data through exploiting a ‘misconfiguration’ of a firewall on a web application, allowing her to determine where the information was stored” F.B.I. officials stated. “These systems are very complex and very granular. People make mistakes” (Source).
To make amendments, Capital One is providing any affected customers with free credit monitoring and identity theft insurance in efforts. They will also be notifying customers if their data has been compromised (Source).
Unfortunately, the company is expecting the breach to cost about USD$150 million, and these costs are driven by customer notifications, credit monitoring, technology costs, and legal support.
How the breach could have been avoided
Simply encrypting data isn’t enough because Thompson was able to exploit a security system vulnerability and decrypt the data (Source).
Organizations should apply as many privacy-protecting techniques as possible to their dataset to minimize risks of customer re-identification in case of a data breach.
One way in which data can be privacy-protected to reduce the risk of re-identification is by anonymizing it. The best privacy technique to accomplish anonymization is differential privacy, which uses mathematical guarantees to hide whether an individual is present in a dataset or not.
A second way to reduce the risk of re-identification is by combining pseudonymization of direct identifiers with generalization and suppression techniques of indirect identifiers. Optimal k-anonymity is a privacy technique that generalizes and suppresses data to make it impossible to distinguish any specific individual from the rest of the individuals.
Organizations should elevate their understanding of privacy-protection to the same level at which they understand cyber-security. There are two essential questions that every organization need to be able to answer:
- What is the re-identification risk of my data?
- What privacy-protecting techniques can we implement throughout our data pipeline?
To learn more about how CryptoNumerics can help you privacy-protect your data, click here.