By Carl Johnson 10/16/2019
Data breaches happen under even the strictest governance plan and policies. In fact, data breaches happen more often than you might expect. According to Positive Technologies, there were 765 million people impacted in just April, May, and June of 2018.
When faced with a data breach, every minute counts. This isn’t the time to talk about the “would of, could of, should of.” This is also not the time to point fingers. Like a slow leak in a water pipe, now is the time to find and stop the leak, remediate open vulnerabilities, and put measures in place to make sure a Personally Identifiable Information (PII) spill or data breach doesn’t happen again. In this article, we discuss how to quickly control a PII spill and some of the things you can do to restrain a data breach.
What is PII
PII stands for Personal Identifiable Information. It was first used by NIST in 1979. NIST describes PII as “Any information about an individual maintained by an agency, including:
(1) Any information that can be used to distinguish or trace someone’s identity, such as name, social security number, date, place of birth, mother‘s maiden name, or biometric records; and
(2) Any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.”
In this day and age, where every app on your phone holds some kind of PII about you, data breaches have become common news. Just last month on September 29, 2019, Door Dash announced it had a data breach that impacted 4.9 million users. This data included users’ drivers’ license numbers, full names, addresses, and phone numbers. Door Dash sent an email out to its customers that stated, “Out of an abundance of caution, we are encouraging all of those affected to reset their passwords to one that is unique to DoorDash.”