PublicNet: Combating Account Takeover

October 9, 2015 — Combating Account Takeover

Ryan Wilk, NuData Security Director of Customer Success explains that the most effective defence for account takeover is detailed observation of user behavior.

Theft of data is becoming more prevalent and sophisticated. A worrying development is taking over the user account rather than creating a new account with stolen data. Data verification checks have no value, because all data is correct. In this article Ryan Wilk argues that the most effective defence is detailed observation of user behaviour.

The Ponemon Institute’s 2015 Cost of Data Breach Study showed a 23 percent increase in the total cost of a breach from 2013 to 2014. In other terms, companies paid an average of $154 per lost or stolen record. Multiply that by the hundreds of millions of records that were compromised last year, and it’s clear to see that we have a security crisis on our hands.

These records include incredibly personal data such as a person’s Social Security number, name, address, phone number, credit card number, name of local bank branch, etc. Data thieves sell this information to aggregators, who cross-reference and compile full identities—called “fullz” on the data black market. This increases the value and usefulness of the stolen data, which may have been gathered from multiple data breaches.

To see the full article at PublicNet, click here.