{"id":6488,"date":"2019-11-16T12:41:53","date_gmt":"2019-11-16T17:41:53","guid":{"rendered":"http:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/?p=6488"},"modified":"2019-11-16T12:46:12","modified_gmt":"2019-11-16T17:46:12","slug":"data-storage-issue-reveals-breach","status":"publish","type":"post","link":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/2019\/11\/16\/data-storage-issue-reveals-breach\/","title":{"rendered":"Data storage issue reveals breach"},"content":{"rendered":"<p>IT provider InfoTrax Systems is being sued by the FTC for failing to detect 20 hacking intrusions over a 22-month period. 22 months! \u00a0Hackers went undetected and were able to access data for 1 million consumers including full names, SSNs, physical and email addresses, phone numbers, and credentials for InfoTrax accounts. The breach was only discovered by InfoTrax due to the hacker maxed out their cloud storage system.<\/p>\n<p>The following article outlines the FTC complaint against InfoTrax. It lists InfoTrax\u2019s unreasonable security practices (lack of controls and processes) <a href=\"https:\/\/www.ftc.gov\/system\/files\/documents\/cases\/162_3130_infotrax_complaint_clean.pdf\">https:\/\/www.ftc.gov\/system\/files\/documents\/cases\/162_3130_infotrax_complaint_clean.pdf<\/a><\/p>\n<ul>\n<li>Not taking inventory and deleting personal data (data retention policy)<\/li>\n<li>Not conducting code review of its software and testing the security of its network<\/li>\n<li>Not detecting malicious file uploads<\/li>\n<li>Not adequately segmenting its network (protect critical business assets)<\/li>\n<li>Not implementing security safeguards (IPS\/IDS)to detect suspicious activity on its network<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.zdnet.com\/article\/thousands-of-hacked-disney-accounts-are-already-for-sale-on-hacking-forums\/\">https:\/\/www.zdnet.com\/article\/thousands-of-hacked-disney-accounts-are-already-for-sale-on-hacking-forums\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>IT provider InfoTrax Systems is being sued by the FTC for failing to detect 20 hacking intrusions over a 22-month period. 22 months! \u00a0Hackers went undetected and were able to access data for 1 million consumers including full names, SSNs, physical and email addresses, phone numbers, and credentials for InfoTrax accounts. The breach was only [&hellip;]<\/p>\n","protected":false},"author":14230,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[810401],"tags":[],"class_list":{"0":"post-6488","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-12-web-services","7":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/posts\/6488","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/users\/14230"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/comments?post=6488"}],"version-history":[{"count":2,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/posts\/6488\/revisions"}],"predecessor-version":[{"id":6491,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/posts\/6488\/revisions\/6491"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/media?parent=6488"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/categories?post=6488"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2019\/wp-json\/wp\/v2\/tags?post=6488"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}