It was just recently reported that the Maricopa County Community College District had a major security breach that affected 2.4 million people. To make matters worse, it took them 7 MONTHS before they began to notify those individuals. Those impacted were current and former students as well as employees and vendors.

Data Breach

The district was notified by the FBI when they discovered a website that was advertising personal data from the districts database for sale. Measures were taken immediately to stop the spread of the information (the site was shut down), but their reasoning for it taking so long to report was that the district wanted to investigate the extent of the exposure. Since then, they have had continuous efforts to strengthen their networks security to avoid more instances like this.

This is going to be a very costly mistake for this district as well. On top of the additional money they will have to pay their IT staff for their overtime work, they are also going to be spending a lot on contractors and outside vendors to help with the clean up. For instance, they are hiring an outside consultant to notify all the individuals as well as set up a call center for questions. On top of that there will also be credit monitoring services provided to those who ask for it. Just the notification and call center process is expected to run them $7 million; this figure doesn’t even include the previously mentioned additional wages.

What is even worse, there was a recent study that shows over one quarter of all the people who are affected by a data breach had their identity stolen. Of those people, most of them had either their credit card information or their social security number taken. These two pieces of data were among the data that was exposed. It is safe to assume that even though it’s not confirmed what data was exactly taken, there is a good chance that there will be people who will actually encounter an issue.

This isn’t the normal breach scenario that we typically find and write about, but it shows just how severe a breach can be in relation to data exposure and cost of cleanup and repair. Ongoing risk assessments and audits would have caught the obvious weak points in their network and could have avoided all of this. Also, being properly insured for this type of disaster would have helped to offset the $7 million+ it will cost to rectify this situation.

Risk Evaluation for your “off network” devices

[vc_row type=”grid” row_type=”section” bg_image_repeat=”repeat” padding_top=”24″ padding_bottom=”24″][vc_column dp_animation=””][vc_separator][/vc_column][/vc_row][vc_row type=”grid” video_bg=””][vc_column width=”1/2″ dp_animation=””][vc_widget_sidebar sidebar_id=”posts-footer-block-left”][/vc_column][vc_column width=”1/2″ dp_animation=””][vc_widget_sidebar sidebar_id=”posts-footer-block-right”][/vc_column][/vc_row]