The Florida Department of Agriculture and Consumer Services Data Breach Compromised Sensitive Information

Media Division | May 23, 2017

Cyber attacks and data breaches can be damaging not only to the organization directly affected, but their public as well. Being that companies hold a wide variety of consumer data and assets, these are of course directly affected when a breach occurs. When the public’s personal information is compromised like this, it puts them in danger of several things, such as identity theft, fraud, etc. It can be especially dangerous when social security numbers are leaked, which is the case in a recent attack. In this incident, the Florida Department of Agriculture and Consumer Services was the victim of a cyber attack that resulted in the exposure of 469 social security numbers.

The Origin of the Breach

According to spokesperson Jenn Meale, the breach had occurred in an online payment system and is believed to have initially happened about two weeks ago. The attack is thought to have been sourced from overseas, but the agency has not released any data as to how they had gained access. The breach had been detected within 24 hours, and the system was rapidly shut down. Unfortunately, social security numbers were not the only information affected, as the criminal may have obtained 16,190 names of those with concealed weapon licenses.  Some of these also included the license number as well. Though, Meale had said that no financial information was affected.

The Addressal of the Attack

The breach had occurred in an online system in which users were able to enter their Federal Employee Identification Number (FEIN).  Years prior, the system had accepted social security numbers and FEINs, and those who continued to use their SSN were affected in the breach. The agency has notified those affected in the breach and has also offered them a free year of fraud alert and credit monitoring services. The agency does appear to be properly addressing the breach, as they secured the immediate issue, and are caring for those that were potentially affected. Far too many organizations tend to neglect public that is affected by a breach, which leads to reputation and consumer trust damage. The public is the lifeblood of an organization, and they must be shown that a breach is being properly mitigated and that they are in good hands. Obviously, the Department of Agriculture and Consumer Services will continue to be extant, being that they are a governmental institution, but an improperly handled data breach has the potential to tank organizations that do not have this luxury.

The Necessity of Comprehensive Cyber Security Intelligence

With the wide range of criminals, threats, nation states, etc. that are targeting digital systems, it is critical that organizations of all types and sizes properly protect their data. With the advancement of the current threat landscape, cyber security has moved into the need for more proactive defensive methods through the use of cyber threat intelligence. Intelligence provides an organization the patterns and indicators of threats, which allows them to then predict and prevent the threats before they even have a chance to attack. Modern threats have become quite adept at bypassing traditional reactive security methods, which is why these no longer cut it alone. To truly prevent cyber attacks in today’s landscape, organizations must be able to stay steps ahead of malicious actors.  Massive Alliance’s cyber threat intelligence services can provide an organization a much more comprehensive and proactive defense.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.