Cyberfraud data breaches: What accountants, auditors need to know.
| Author | Minniti, Robert K. |
| Position | Informationsecurity |
the theft of information, also known as a data breach, is a crime that was virtually unknown two decades ago, but is flourishing today. A data breach is defined as the theft of personal information including names, Social Security numbers, birth dates, medical information, driver's license numbers, user names and passwords, and financial account information such as credit or debit card numbers. With an ever-increasing reliance on computers and information, technology organizations are increasingly susceptible to this type of fraud and cybercriminals are misappropriating data and selling the stolen information on the darknet.
The Perfect Crime?
Over the years, data theft has become a profitable crime because, in the modern economy, businesses offer goods and services on credit to strangers based on the data in the buyer's credit history. With telecommunications and internet technology, buyers and sellers do not need to meet in person to consummate their transaction. The internet has made access to information almost instantaneous--and this has provided criminals easier access to personal information from both inside and outside the United States.
Criminals breach the IT security of companies, nonprofit organizations and even governmental entities to steal information from their computers. Often human resource departments are targeted because criminals arc looking for payroll information, which includes names and Social Security numbers. Retail outlets also are targeted because they store customer information, including credit and debit card numbers on their computers.
Many data breaches are initiated through a phishing attack wherein the criminals email an individual in the target company and include a virus or other form of malware in the email. When the unsuspecting employee opens the infected email the company's computer systems and data are compromised.
[ILLUSTRATION OMITTED]
Counting Crime's Cost
Per the 2016 Cost of Dala Breach Study: Global Analysis Benchmark research sponsored by IBM and independently conducted by the Ponemon Institute, LLC, the average cost to the victim of a data breach in 2015 was $4 million. Smaller organizations fared better than larger ones.
The average cost of a smaller data breach where less than 10,000 records were compromised was $2.1 million; whereas, the average cost of a larger data breach where 50,000 or more records were compromised was $6.7 million. The average cost of a data breach in 2015 was up 29...
To continue reading
Request your trialCOPYRIGHT GALE, Cengage Learning. All rights reserved.
