Week 3 Journal Entry

Posted by nguma001 on

Nathan Guman

Cyber Security and social science

Week 3 Journal Entry

Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches? Enter a paragraph in your journal.

Researchers can find a vast amount of information on Privacyrights.org. The most interesting section I found was on the data breach section which laid out the number of events recorded and their types. The website split the information into type of breach and type of business impacted. Those categories are :

Type of Breach  

  • CARD – Fraud Involving Debit and Credit Cards Not Via Hacking (skimming devices at point-of-service terminals, etc.)  
  •  HACK – Hacked by an Outside Party or Infected by Malware  
  •  INSD – Insider (employee, contractor or customer)  
  •  PHYS – Physical (paper documents that are lost, discarded or stolen)  
  •  PORT – Portable Device (lost, discarded or stolen laptop, PDA, smartphone, memory stick, CDs, hard drive, data tape, etc.)  
  •  STAT – Stationary Computer Loss (lost, inappropriately accessed, discarded or stolen computer or server not designed for mobility)  
  •  DISC – Unintended Disclosure Not Involving Hacking, Intentional Breach or Physical Loss (sensitive information posted publicly, mishandled or sent to the wrong party via publishing online, sending in an email, sending in a mailing or sending via fax)   
  •  UNKN – Unknown (not enough information about breach to know how exactly the information was exposed)  

Type of Organization:  

  • BSF – Businesses (Financial Services, Banking, Insurance Services)  
  • BSO – Businesses (Manufacturing, Technology, Communications, Other)  
  • BSR – Businesses (Retail/Merchant including Grocery Stores, Online Retailers, Restaurants)  
  • EDU – Educational Institutions (Schools, Colleges, Universities)  
  • GOV – Government & Military (State & Local Governments, Federal Agencies)  
  • MED – Healthcare and Medical Providers (Hospitals, Medical Insurance Services)  
  • NGO – Nonprofits (Charities and Religious Organizations)  
  • UNKN – Unknown 

Finding such vast amounts of data available for download allows researchers to have a starting point of a defined event, with context regarding its type and impact. Not all events happen the same way or impact all businesses equally. Having data sets which are able to be broken up allows for more accurate and specific research areas.

References

Data breaches. PrivacyRights.org Retrieved September 16, 2023, from https://privacyrights.org/data-breaches

Leave a Reply

Your email address will not be published. Required fields are marked *