Lessons Learned from the Capital One Data Breach

Lessons Learned from the Capital One Data Breach

DataeCommerceFirst Party Data

Joining the ranks of Equifax, Marriott, and Target, Capital One has now been exposed to a large data breach. More than 106 million people were affected, and it’s possible that several more companies may have been exposed as well. This breach appears to be different from others because the hacker’s motive is unknown. However, the relative ease and openness of the attack is extremely concerning.

As companies come to rely on huge amounts of data and more advanced technology, they also need to be aware of the risks. Keeping that data secure from bad actors is important to avoid fines, keep customers, and save your bottom line.

Here are 3 lessons your company can learn from the Capital One breach:

1. Don’t assume the cloud is secure.

Many companies rely on cloud hosting. In fact, hosting data in the cloud is supposed to be the most secure way to keep your company information safe. However, this breach shows that the cloud is not infallible. It appears that the hacker exploited a vulnerability in Capital One’s data security process. Though the alleged suspect has been taken into custody, it appears that she has information from several other companies. As this continues to develop, it’s possible that there may be many more people and businesses affected. If you use cloud hosting, it’s important to make sure that you have the best security systems in place.

2. Keep your data clean.

A lawsuit has already been filed against Capital One for this breach. One of the claims in the lawsuit questions why some of the leaked data was kept after it was no longer needed as well as why it was not properly secured if it was being retained. In general, you should only be holding data that is necessary. Regularly scrubbing your data stores to remove unnecessary information can help you avoid major issues. Consider how you will use the data and if it serves a specific purpose. If not, it should be deleted. Any information you do keep should have strong security measures in place.

3. Don’t mess up your response.

While breaches can be problematic for companies in many ways, failing to respond correctly can cause lasting damage to your brand. Capital One had a well though out response. However, it came 10 days after they found out about the breach. By not notifying the public immediately, they opened themselves up to criticism. Especially because the suspect had already been arrested which meant some heard about the breach before they ever responded. If a breach occurs, you want to have a PR plan in place quickly to control the narrative and limit the damage. Make sure you explain what happened, how you are fixing the problem, and who was potentially affected. By being transparent and quick with your response, you can limit the potential consequences.

Post Author: Jackie Long

Jackie Long

Blog Manager at NS8. With a varied background and over 5 years of content creation experience, Jackie works hard to provide a compelling range of informative articles.