Cp Case Study
Ty Taylor
-------------------------------------------------
MISM 2301 1. Itemize the nature of the information security breach at ChoicePoint and how this adversely affected the organization. Be sure to include both tangible and intangible losses in preparing your response. [table] Security Breach | Effect on ChoicePoint | A pass of the authentication of customers | * Data soon became available after authentication breach * Revealed hole in ChoicePoint security system * Trust of security standards instantly lost | Social security numbers accessed | * Many individuals lost their SSN to the criminals * More info can be accessed as a result which makes the customer or ChoicePoint more vulnerable to other crimes | Basic data accessed | * Private info such as telephone numbers and addresses of customers was taken | Accessed credit reports | * Personal info on credit cards were taken | Identity theft | * ChoicePoint customers had their identity’s compromised and ultimately stolen * The compromise of their identity means that they criminals could use their names and info for other purposes * ChoicePoint was effected by the Class-action lawsuit as a result * Were being investigated by the U.S Senate |
Tangible Losses | Intangible losses | * Expenses for new security * Expenses for the lawsuit * Customer losses came at a great expense as well * The reason for the security breach itself was an expensive endeavor | * Reputation went down * Loss of customers as a result of not trusting the company * Hard to bring in new customers as a result of trust as well |
2. What actions were taken by both ChoicePoint and the “authorities” to address the crisis, and what is your assessment of each action taken? [table] Action Taken | Assessment of each action | ChoicePoint | Police were contacted | * Necessary step in finding out who breached their system * Police assistance was required to see who was
-------------------------------------------------
MISM 2301 1. Itemize the nature of the information security breach at ChoicePoint and how this adversely affected the organization. Be sure to include both tangible and intangible losses in preparing your response. [table] Security Breach | Effect on ChoicePoint | A pass of the authentication of customers | * Data soon became available after authentication breach * Revealed hole in ChoicePoint security system * Trust of security standards instantly lost | Social security numbers accessed | * Many individuals lost their SSN to the criminals * More info can be accessed as a result which makes the customer or ChoicePoint more vulnerable to other crimes | Basic data accessed | * Private info such as telephone numbers and addresses of customers was taken | Accessed credit reports | * Personal info on credit cards were taken | Identity theft | * ChoicePoint customers had their identity’s compromised and ultimately stolen * The compromise of their identity means that they criminals could use their names and info for other purposes * ChoicePoint was effected by the Class-action lawsuit as a result * Were being investigated by the U.S Senate |
Tangible Losses | Intangible losses | * Expenses for new security * Expenses for the lawsuit * Customer losses came at a great expense as well * The reason for the security breach itself was an expensive endeavor | * Reputation went down * Loss of customers as a result of not trusting the company * Hard to bring in new customers as a result of trust as well |
2. What actions were taken by both ChoicePoint and the “authorities” to address the crisis, and what is your assessment of each action taken? [table] Action Taken | Assessment of each action | ChoicePoint | Police were contacted | * Necessary step in finding out who breached their system * Police assistance was required to see who was