Real Life Examples
In 2015, The Obama Administration announced a massive theft of federal employee data that will cost American taxpayers as much as $20 million. The Office of Personnel Management said that, in response to the data breach, it had contracted with the company CSID to provide services to the current and former federal workers who had their personal information stolen. OPM said as many as four million people could be affected. This comprehensive, 18-month membership includes credit report access, credit monitoring, identity theft insurance, and recovery services. OPM announced a final contract to provide those services with Winvale Group LLC. Winvale is the main contractor, and CSID is the subcontractor. While the services will be free for federal workers, they won’t be free for taxpayers. According to the contract award announcement, OPM will pay Winvale $20,760,741.63 for services designated as “call 1” in the contract. Those services include sending out 2.1 million emails to affected employees and 1.1 million letters, plus call center support, credit monitoring, and ID theft and recovery services for 3.2 million people (Kasperowicz 2015). In addition, in the same year there have been other notable breaches:
- Ashley Madison, Social Website where hacktivists stole information from Ashley Madison and dumped 10GB of data on the Deep Web. This included the account details and personally identifiable information of some 32 million users, as well as credit card transactions.
- TARGET, Consumer Retail, where hackers penetrated Target’s network and were able to infect all Point of Sales machines. They were able to expose nearly 40 million debit and credit cards to fraud. The information stolen included PIN numbers, names, as well as other banking information.
- JP Morgan Chase & Co., Credit Provider, where the company disclosed that the data of an estimated 76 million households and 7 million businesses were compromised. The information included names, addresses, phone numbers, email addresses, and others.
- Anthem Inc., Healthcare, where an attack that started last April 2014 resulted in the data theft of over 80 million current and former customers. Data stolen included names, birthdays, social IDs, email addresses, as well as employment information (Business Report 2015).