CUSTOMER LOGIN
  • BLOG
  • CONTACT US
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Solutions
    • Risk Assessment Automation
    • Security Questionnaire Automation
    • Zero Day Remediation
    • Integrations
    • Industries
      • Financial
      • Energy
      • Healthcare and Hospitals
      • Legal
      • Life Sciences
      • Manufacturing Industry
      • Retail
      • Technology
      • Other Industries
  • Pricing
  • Resources
    • Blog
    • Strategy Guides
    • Case Studies
    • Data Sheets
    • Webinars
    • Dictionary
    • API
  • Company
    • About us
    • Careers
    • Partners
      • Partners Login
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Solutions
    • Risk Assessment Automation
    • Security Questionnaire Automation
    • Zero Day Remediation
    • Integrations
    • Industries
      • Financial
      • Energy
      • Healthcare and Hospitals
      • Legal
      • Life Sciences
      • Manufacturing Industry
      • Retail
      • Technology
      • Other Industries
  • Pricing
  • Resources
    • Blog
    • Strategy Guides
    • Case Studies
    • Data Sheets
    • Webinars
    • Dictionary
    • API
  • Company
    • About us
    • Careers
    • Partners
      • Partners Login
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Solutions
    • Risk Assessment Automation
    • Security Questionnaire Automation
    • Zero Day Remediation
    • Integrations
    • Industries
      • Financial
      • Energy
      • Healthcare and Hospitals
      • Legal
      • Life Sciences
      • Manufacturing Industry
      • Retail
      • Technology
      • Other Industries
  • Pricing
  • Resources
    • Blog
    • Strategy Guides
    • Case Studies
    • Data Sheets
    • Webinars
    • Dictionary
    • API
  • Company
    • About us
    • Careers
    • Partners
      • Partners Login
    • Product Security
    • Privacy Policy

74% of data breach victims are not aware they were affected —How to protect your business?

Published by Sabrina Pagnotta on July 8, 2021
Categories
  • Blog
Tags
  • Cybersecurity
data breach victims not aware - data breach tips

According to a recent study, 74% of data breaches happen without affected parties knowing about them. In the first known study to ask participants about data breaches that impacted them, conducted by the University of Michigan School of Information, researchers found most people remained unaware that their email addresses and other personal information had been compromised in five data breaches on average. 

This makes us think, how many data breaches have gone unnoticed? What if your business was exposed either directly or through a third party vendor and you didn’t notice? If it can happen to consumers, it can happen to your business… So how to get ahead of a data breach?

The problem with data breaches

LinkedIn, Adobe, Home Depot, Target and Equifax, among others, made headlines over the last decade for exposing private information of millions of people. To make matters worse, they had to pay million-dollar settlements and face financial and reputational damage. No leader wants their organization to be the next headline, and yet there’s still a lot of work to be done.

Breach notification requirements are insufficient, accountability is blurred, and consequences are often underestimated. In fact, most participants of the study expressed moderate concern after being notified that they had been victims of a breach. They were most worried about the leak of physical addresses, passwords, and phone numbers.

The problem is some consumers and businesses are not aware of how leaked personal information could potentially be misused to harm them. Identity theft is the biggest risk that comes to mind, considering attackers often get access to a victim’s full name, address, phone number, and other sensitive data. These could be used for different types of fraud, such as opening accounts, filing taxes, or making purchases on your behalf. There’s also the risk of credential stuffing, as noted by the researchers: using a leaked email address and password to gain access to other accounts of the victim.

How to stay ahead of a data breach

Companies usually keep sensitive information about customers and employees in their files or on their network. This is often necessary for payroll, orders and other necessary business functions. If we add third party vendors to the equation, which are also necessary for business operation and have access to different kinds of information, safeguarding critical information is just plain good business.

Here are some tips for organizations that want to minimize the risk of suffering from a data breach —be it in their own network or through a third party vendor:

  • Develop a procedure to collect only the data you need to operate, keep it safe, and dispose of it securely once it’s no longer needed. 
  • Consider local, regional or federal laws that require your company to keep sensitive data secure. In the United States, statutes like the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, and the Federal Trade Commission Act may require you to provide reasonable security for sensitive information.
  • Make an inventory of types of personal information you have and where it lives – consider all computers, mobile devices, flash drives, etc.
  • Understand how personal information moves into, through, and out of your business. This may require a conversation with Sales, HR, IT Support and any other area that exchanges information with customers or employees. The channels and methods used to handle this information (email, web forms, phone calls, etc.) will lead the way to the appropriate security measures.
  • Identify who has (or could have) access to the data. It could be employees, business partners, or third party vendors who need it to perform an outsourced service.
  • Secure the information that you keep. This includes general cybersecurity measures such as encryption, multi-factor authentication, firewalls, antivirus, cybersecurity awareness training, remote work policies, etc. Consider physical security measures if there’s any physical storage or delivery of information.
  • For third party vendors with outsourced business functions, perform due diligence to assess their inherent risk to your organization and their data security practices. If their security posture does not meet your standards, avoid engaging with them. If you do, put your security expectations in writing in your contract and verify compliance periodically. Read our third party risk management guide to learn how to start assessing your vendor population.

Some breaches never make the news, and some involve little or no notification to the victims. If people (or businesses) don’t know that their information was exposed, they cannot protect themselves against the implications. Fortunately, technology is on your side to stay ahead and be proactive with your security approach.

Learn more about third party risk management (TPRM) and how ThirdPartyTrust can help you get started:

[dt_default_button link=”url:https%3A%2F%2Fwww.thirdpartytrust.com%2Frequest-a-demo%2F|target:_blank” size=”medium” button_alignment=”btn_center” css=”.vc_custom_1625832824781{margin-top: -10px !important;margin-bottom: 35px !important;}”]Learn More[/dt_default_button]
Sabrina Pagnotta
Sabrina Pagnotta
Sr. Content Strategist
  • Phone
    -------------------+18476966236
  • Address
    -------------------
    1842 W. Irving Park Rd, #401, Chicago, IL 60613
  • Sales
    -------------------sales@thirdpartytrust.com
  • Marketing
    -------------------marketing@thirdpartytrust.com
  • Support
    -------------------support@thirdpartytrust.com

Contact us

Follow us!

LinkedIn
Twitter
YouTube
Facebook

Laika_SOC2_TypeI_PurpleIris

Copyright © ThirdPartyTrust 2022 | 1842 W. Irving Park Rd, #401, Chicago, IL 60613
  • BLOG
  • PARTNERS LOGIN
  • CONTACT US
Request Demo
  • BLOG
  • CONTACT US
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT