Personally identifiable information, or PII, is especially valuable to hackers. Here's how to make sure they don't get their hands on it.
By Aaron Weiss | Posted May 15, 2014
Because many modern security systems rely on users’ personal information, also known as PII, or personally identifiable information, a data breach can potentially weaken your security posture not just in a single context, but in all contexts.
Stefan Frei, Ph.D., research vice president at security research firm NSS Labs , and Bob Walder, NSS Labs' president and chief research officer, address the PII issue in a recent security brief called "Why Your Data Breach is My Problem." They say that each security breach which leaks PII data has a cumulative weakening effect on users’ personal security in aggregate. In other words, when Sony’s PlayStation network suffered a data breach in April 2011 – leaking PII data from some 77 million individuals – users’ loss of personal security was not limited to their use of the PlayStation.
That data, and data from the Target breach in late 2013 and other breaches, feeds into a vast pool of PII data in which the criminal underground horse-trades and aggregates.
With so much PII data floating around, details can easily be cross-correlated, helping criminals quickly put together accurate identity profiles. With just a few pieces of "secret" personal information, thieves can potentially gain access to online accounts and even financial accounts through identity theft.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.