Data Breach

Question 1

causes of data breach

Answer 1

1. payment card fraud
2. hacking/malware
3. insider breach
4. physical loss
5. portable device loss
6. stationary device breach
7. unintended disclosure
8. unknown breach

Question 2

payment card fraud

Answer 2

fraud to debit or credit cards not accomplished via hacking

ex. skimming device at point of service terminals

Question 3

hacking/malware

Answer 3

outside party infects a computer with malicious software

Question 4

insider breach

Answer 4

someone inside organization with legitimate access intentionally breaches information

Question 5

physical loss

Answer 5

non-electronic, paper documents are lost, discarded or stolen

Question 6

portable device loss

Answer 6

laptop, smartphone, flash drive, or other electronic device is lost, discarded or stolen

Question 7

stationary device breach

Answer 7

stationary computer is lost, discarded, stolen, or improperly accessed

Question 8

unintended disclosure

Answer 8

man error or otherwise that results in sensitive information being posted publicly, mishandled, or sent to the wrong party in either physical or electronic from

Question 9

unknown breach

Answer 9

other type of data breach that does not fall into one of the categories above

Question 10

data breach incident response

Answer 10

requires complying with state laws of every jurisdiction with organization does business or retains information on customers located there

steps
1. confirm the breach
2. secure operations and contain the breach
3. analyze and fix vulnerabilities
4. notify appropriate parties
5. take proactive steps to avoid future breaches