Late last month, Paypal announced that TIO Networks, a company it acquired in July 2017, experienced a major data breach that has compromised the sensitive information of approximately 1.6million customers.
While Paypal has publicly acknowledged the breach, which could have occurred any time before it acquired TIO, customers are still unaware of the impact the brief and Paypal has yet to contact customers to notify them of the data that may have been accessed.
However, in a statement Paypal did say it had “identified a potential compromise of personally identifiable information for approximately 1.6 million customers.”
Paypal should be commended for identifying the breach and taking full responsibility. However, introducing free identity theft insurance and credit checks shows us that the information that may have been breached is incredibly sensitive – and could possibly be used to damage a credit rating or for identity theft. Further to this, Paypal has stated that TIO services, “will not be fully restored until [PayPal] are confident in the security of the TIO systems and network” a measure it has taken in order to protect its customers.
For all the work Paypal is doing to address the impact of this breach, it’s interesting to see just how long it has taken to identify and respond to the breach. According to reports, the breach occurred sometime before the acquisition and was announced a full four months later, in November.
TIO Networks and Paypal stand as a message to other companies: the question you’re asking shouldn’t be: will a breach occur? But when will a breach occur or has one occurred?
Recorded Network History lets SecOps teams quickly find, rewind and playback relevant network traffic and investigate security alerts before they turn into more serious breaches . And in the event of a breach like TIO’s, recorded Network History could have also allowed their SecOps team to get ahead of the breach before it was found by Paypal.
For the TIO Networks analysts, the ability to go back and examine the packets to see exactly what happened on their network could have substantially reduced the damage caused by the hackers. And for Paypal, it could have prevented a financial hit.
This breach also highlights the need for cybersecurity audits to be included as a key part of the due-diligence process when companies are looking at potential acquisitions. As we saw with the purchase of Yahoo, the potential cost of dealing with an inherited breach can have a significant impact on the value of the company. Knowing the risk of having to deal with such an inherited breach can help the acquirer to avoid being hit with significant unexpected costs.
With EndaceProbes Network Recorders SecOps teams can investigate and respond to data breaches quickly and conclusively.
In the event of a breach they can be sure exactly what happened: how the attacker got in, and what was compromised. Which means they can respond appropriately – offering credit and identity theft protection to their customers, or not if the breach wasn’t sufficiently serious to warrant it.