Milestone 2
In the first milestone, you identified a recent security incident that took place. There were multiple incidents that were chosen such as Target, OPM, Equifax, Home Depot, Capital One and so many more.
In the second milestone, you will access the administrative, physical, and technical controls of the particular company then determine which one of these administrative, physical, and technical controls were not secure and led to the security incident.
Guidelines for Submission: Your paper must have a title and reference page, be submitted as a two page Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least three sources cited in APA format. As a reminder, every assignment goes through a plagiarism checker so follow all the guidelines that we have discussed as you read your articles, books, etc. and summarize the author’s thoughts.
Running head: SECURITY PROTOCOLS 1
Security Protocols
Name: Kalumula Rakesh
Id: 002836752
SECURITY PROTOCOLS 2
CAPITAL ONE
The data breach is an emerging challenge facing individuals, government, and private
sectors due to the advancement of information technology (Manworren, 2016). Data has become
an essential asset in many organizations and thus, increasing pursuit of hackers to access this
database illegally. Organizations have turned their effort in securing the information system;
however, this effort this operation has been undermined by various factors such as advanced
technology that empowers hackers, inside malice, weak system, and irresponsible users. Inside
malice is of the main contributor to a security breach; in this unauthorized access to the database
is facilitated by trusted people making it hard to managecapital One data breach robust
example inside malice.
The Capital One hack was conducted between in March 22 and 23 in 2019; The breach
was detected in June 2019. The system hacker gained access to customers information of almost
106 million clients and applicants. According to the report released by Capital One management,
the breach facilitated compromise of data related to clients’ credit card applications from 2005 to
2019 (Colby, 2019). The personal data exposed in this includes the name, date of birth, credits
scores, address, social security numbers, and transactional data. In a quick response, the firm
notified the clients whose data were exposed and canceled all the credit cards that were believed
to be exposed.
The data breach was conducted by former Amazon Web Service software engineer, Ms.
Thompson Paige. At the time of the attack, AWS hosted the capital One database. FBI
investigators noticed Thompson on her online activities that indicated suspicious activities
revealing data theft. Further, the investigation revealed that she was behind a group social
SECURITY PROTOCOLS 3
network group known as Seattle Warez Kiddies that conducted illicit hacking (Flitter, 2019).
The hacker is believed to be observing the firm data system while she was working at AWS and
identified the security weakness in the Capital One database.
SECURITY PROTOCOLS 4
References
Colby, C. (2019) Capital One data breach: What you can do now following bank hack. Retrieved
by May 30, 2020, from https://www.cnet.com/how-to/capital-one-data-breach-what-you-
can-do-now-following-bank-hack/
Flitter, E.& Weise, K. (2019) Capital One Data Breach Compromises Data of Over 100 Million:
New York Times. Retrieved by May 30, 2020, from
https://www.nytimes.com/2019/07/29/business/capital-one-data-breach-hacked.html
Manworren, N., Letwat, J., & Daily, O. (2016). Why you should care about the Target data
breach. Business Horizons, 59(3), 257-266.
https://www.cnet.com/how-to/capital-one-data-breach-what-you-can-do-now-following-bank-hack/
https://www.cnet.com/how-to/capital-one-data-breach-what-you-can-do-now-following-bank-hack/
