Undercover
Diary of a Data Breach Investigation
An information security manager shares the diary he kept while investigating a possible data breach
By Anonymous
We may have dodged a huge bullet on this incident, but the required legal counsel, forensics and the time everyone spent working on it cost the company over $1 million.
Conclusion
Where did we go wrong here and how could we have prevented this?
Both of these questions were asked many times during the investigation. Of course it is easy to say that in the future we will never run third-party code on our website, but how realistic is that?
Large enterprises run third-party code every day in the form of open-source software, and we are no exception.
One major way we could have prevented this incident was to have a consistently followed SDLC process in place.
Code review is a major piece of any SDLC process, as is output validation. Someone should have been working with the vendor every time there was a software change to make sure that they were seeing the appropriate data and nothing more.
Our issue should have been easy to spot since we were sending much more than the required information.
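The kind of output validation described above, as an added illustration that is not code from the article: every record bound for a vendor is checked against the field list agreed at onboarding, so an integration change that starts sending extra fields fails closed instead of quietly shipping more data than the vendor needs. The vendor name, the contract fields and the sample record are constructed assumptions.

```python
"""Outbound data-minimisation gate for a third-party vendor feed.

Added example, not code from the article: the vendor name, the contract
field names and the sample records are constructed assumptions.
"""
from typing import Any

# Hypothetical contract agreed with the vendor at onboarding: the only fields
# the vendor needs to do its job. Anything else must never leave the site.
VENDOR_CONTRACT = {
    "analytics-vendor": frozenset({"page", "session_id", "referrer"}),
}

# Fields sensitive enough that sending them to a vendor would be a reportable event.
PII_FIELDS = frozenset({"email", "full_name", "card_number", "address"})


class DataLeakError(Exception):
    """Raised when a payload carries fields outside the vendor contract."""


def minimise(vendor: str, record: dict[str, Any]) -> dict[str, Any]:
    """Keep only the contract fields for this vendor (an allowlist, never a denylist)."""
    allowed = VENDOR_CONTRACT[vendor]
    return {k: v for k, v in record.items() if k in allowed}


def audit(vendor: str, record: dict[str, Any]) -> list[str]:
    """List the fields that exceed the contract; an empty list means the payload is clean."""
    allowed = VENDOR_CONTRACT[vendor]
    return sorted(k for k in record if k not in allowed)


def send_to_vendor(vendor: str, record: dict[str, Any], strict: bool = True) -> dict[str, Any]:
    """Gate every outbound call: fail closed in strict mode, redact to the contract otherwise.

    Strict mode is what a code-review or staging check should run, so a software
    change that widens the payload is caught before it reaches production.
    """
    extra = audit(vendor, record)
    if extra and strict:
        pii = [f for f in extra if f in PII_FIELDS]
        raise DataLeakError(f"{vendor}: non-contract fields {extra} in payload; PII among them: {pii}")
    return minimise(vendor, record)
```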
It's amazing to me that such a small issue could cost a company so much money.
I shudder to think about how much this incident would have cost if we had to report it publicly.
The author is an information security manager for a company based in the Chicago area.